Fortiweb-VM provides multiple protection layers against threats that target web applications, including cross-site scripting, SQL injection, buffer overflows, file inclusion, cookie poisoning
, schema poisoning, denial of service (at both the application and network layer) and many others.
The tool reveals Web application vulnerabilities using the same techniques used by hackers, including the manipulation of IT infrastructure vulnerabilities, parameter tampering, Web services and SOAP vulnerabilities, hidden field manipulation, cookie poisoning
, stealth commanding, backdoor and debug options, database sabotage, buffer overflow attacks, data encoding, and protocol piggybacking.
InterDo comprises of eight modules to protect against known security threats: including 'cookie poisoning
' when the content of web site cookies is corrupted; 'database sabotage', which involves hackers sending SQL commands to gain access to data on a database; and 'Trojan horses', where malicious code is hidden inside an apparently harmless program.