Forum Systems Introduces PCI Standard 1.1 Web Application Firewall Protection Services

PROVO, Utah-(Business Wire)-May 16, 2007 - Forum Systems, the leader in SOA and Web Services security infrastructure, today announced the release of a Payment Card Industry Data Security Standard (PCI DSS) security module to enable compliance with updated Web application security requirements. Organizations that rely on credit card payments are facing new mandates as part of the PCI standard version 1.1 by mid-2008. The security obligations call for additional protection of Web applications through the use of application code reviews and the implementation of a Web application firewall.

The PCI standard is a set of tools and methods developed by Visa, MasterCard, American Express, and other credit card associations to ensure that sensitive and private card holder information is handled in a secure manner. Entities that accept credit or debit card payment and collect, process or store credit card transaction information are expected to rely on the PCI standard to prevent, detect and react to security incidents. Failure to comply with these requirements by merchants and service providers involved in card processing can result in fines or cancellation of payment processing capabilities.

Forum APS(TM) (Application Protection Services) is a security module designed to help organizations comply with new PCI DSS requirements. Forum APS(TM) offers organizations security enforcement policies that protect against Web application security vulnerabilities such as invalidated input, broken access control, buffer overflows, injection flaws, improper error handling, as well as other application-layer security vulnerabilities. Forum APS(TM) also packages security functionality to support strong authentication such as Digital Signatures and two-factor authentication for administrators restricting remote access to systems that hold and manage debit or credit card data.

"Forum recommends that information security must extend well beyond the network realm and become part and parcel of the business process," said Walid Negm, Vice President of Product Strategy at Forum Systems. "The PCI standard and its guidelines challenge organizations to secure data wherever it resides — in-transit and on disk. With Forum's focus on fine-grained data privacy and Web Services security standards, we offer our clients an arsenal of policy enforcement and regulatory compliance solutions."

About the PCI Data Security Standard (PCI DSS)

The PCI DSS version 1.1, a set of comprehensive requirements for enhancing payment account data security, was developed by the founding payment brands of the PCI Security Standards Council, including American Express, Discover Financial Services, JCB, MasterCard Worldwide and Visa International, to help facilitate the broad adoption of consistent data security measures on a global basis. The PCI DSS is a multifaceted security standard that includes requirements for security management, policies, procedures, network architecture, software design and other critical protective measures. This comprehensive standard is intended to help organizations proactively protect customer account data. The PCI DSS January 2005 version has been enhanced in the PCI DSS Version 1.1.

About Forum Systems

Forum Systems, Inc. is the Leader in Web Services and SOA Security(TM) infrastructure with a comprehensive suite of XML acceleration, trust management and threat protection solutions for the automated Web. Forum Systems' flexible hardware, software and embedded products make vibrant business communications possible by actively protecting XML data and Web Services across networks and business boundaries.

Forum's products have been chosen by over 150 Fortune 1000 industry leaders and are winners of Network Computing Magazine's Well-Connected 2006 and 2004 Awards and Product of the Year 2004 Award, Network Computing Magazine's Editor's Choice 2003 Award, Network Magazine's Product of the Year 2003 Award and, most recently, "Most Outstanding Product of the Year 2006" Well-Connected Award by CMP Media. Forum XWall Web Services Firewall was also the industry's only XML Firewall selected by InfoWorld LEADERBOARD 2004.

Visit Forum at www.forumsys.com


____________________________________________




____________________________________________

>> Back to Main Page

Gary E. Smith
SOA Security Architect - Securing SOA in a Connected World