The main objective of HDIV project has been the introduction into the worldwide market of the HDIV product suite, a set of web application security products based on the first worldwide demonstrated technology aimed at creating self-protected web applications and web services rather than securing them. This technology now contributes towards solving the important threats based on web application weaknesses faced by the cyber security field, eliminating or mitigating web security risks by design. The following objectives have been achieved:
•To increase the protection and cyber resilience of critical infrastructures against web application based cyber-attacks, protecting them against 7 out of the top 10 current threats faced in the Critical Infrastructure area (including the two main threats).
•To contribute to a more secure Internet and information society, by raising the protection against cyber-attacks based on web application vulnerabilities to levels never achieved before. HDIV repeals 90% of the top 10 critical web risks defined by OWASP , increasing the protection level from 25% to 45% in comparison with the current most advanced technologies in web application security and solving other limitations present in these existing solutions.
•To provide a flexible, automatic, simple, portable and cost effective web application protection. Apart from the effectiveness of the tool, there are other characteristics of HDIV which makes it a unique product to resolve web security risks:
-Highly flexible solution which can be applied during the application development phase or once the applications have been developed (and it is therefore valid for existing web applications or for new ones).
-Fully automatic solution providing automatic protection functionalities both during the web application development and also once the applications are running (there is no need for any intervention from the end user).
-Simplifies and improves the performance of current web security approaches that are usually based on the integration of a firewall (WAF solutions- comprised of hardware + software) and software (RASP, and AST tools). HDIV integrates both approaches into a software solution (all in one) simplifying the purchase, implementation and operation of the security solution.
-It makes web security portable: The application of HDIV in the web application development phase makes it to be integrated within the resulting web application, making the solution fully portable and suitable also for cloud deployments.
-Cost effective solution: The solution will be more affordable than current competing solutions, with savings of up to 60% depending on the chosen product type and configuration.
•To make web protection universal: HDIV is applicable to any web application, belonging to critical infrastructures, to large or small companies of any sector, to private web applications and blogs, mobile applications, Internet of Things etc.
Thanks to this project we have created a new company, Hdiv Securuty, focused 100% on the Hdiv products portfolio, generating a great interest of leader investors such and gaining traction in the market with significant customers. After the execution and the market test performed during the project we can assure that Hdiv Security has a great position in the market and can fill the gaps that we defined in the beginning of the project. Thanks to our collaboration with Gartner, we have confirmed that Hdiv solution covers the gaps confirmed by Gartner within AST and WAF categories, covering business logic flaws protection without learning processes and integrated within the SDLC.