Home // Solutions

Virtual Patching

Mithril intervenes on your website with Virtual Patches

in case of a code attack. This means:

// HOW MITHRIL WORKS

Many customers choose our Mithril service to apply virtual patches on their web application.

Our Vulnerability Assessment and Penetration Test Team is at your disposal to test your web application looking for misconfiguration and vulnerabilities.

Once done, Mithril can patch each vulnerability found without touching your website or web application code. This makes you able to instantly resolve all vulnerabilities in 0 days before fixing the code or while waiting for an official patch from a vendor.

Discover more Try it free

// BENEFITS

No wait for a fix

Patch the vulnerabilities before they can be exploited

Until a patch becomes available, it is often a race between threat actors trying to exploit the flaw and vendors or developers rolling out a patch to fix it. With our virtual patching service, you don’t need to wait anymore for a fix or for a new release from any vendor.

No more bad fix

Implement layers of security policies and rules against known or unknown vulnerability

It sometimes happens that a change in the application code generates new unattended vulnerabilities or new ways to bypass restrictions or sanitizations. Mithril Virtual Patch protects your application from a wide variety of attacks and bypass techniques.

// Get Safe

Mithril is the best solution
for your needs

Contact us

// FEATURES

Accurate inspection

Let’s start with a detailed analysis

Accurate inspection consists of analysing each element separately through breaking up the HTTP request into headers, parameters & uploaded files. Based on the parsed info, this doesn’t occur just for its content, but also for its length and count.

Anti-evasion capabilities

Learn how the inspection should be performed

In order to prevent evasion techniques, like using different character encodings for the attack vector, the tool must transform the request to a normalized form before inspection. In fact, anti-evasion capabilities include data sanitization and character encoding.

Efficient and robust security implementation

Logic, function and variables: what virtual patches need to detect

Virtual patches must implement complex logic, as it cannot rely only on signatures. Therefore it requires a more robust rules language to define the tests, since each rule can employ a specific transformation function. Moreover the rules language needs to include variables.

// RESOURCES

Not to be missed
Study cases
Download

    // Download

    Fill out the form to receive the files directly to your email address


    Contact us


      English