ColdFusion's BodyGuard

A high performance, customizable, engine that blocks various attacks against your CFML Applications

The Ortus FuseGuard module is a both a ColdBox & ContentBox module that will allow you to leverage the FuseGuard application software, by Foundeo, within your ColdBox and ContentBox applications. You do not need to install the FuseGuard firewall manually but just drop the module into your ColdBox or ContentBox application and immediately create a firewall barrier for your applications. It will also provide you with added functionality and integration for your ColdBox/ContentBox applications (See Capabilities).

 

 

A recent study by security firm Veracode found that "58% of all applications submitted for verification did not achieve an acceptable security score... Internally Developed applications fared the poorest, with failure rates as high as 88%."

Even the best developers in the world are capable of writing code that is not secure. Security vulnerabilities, like bugs are often unintended oversights. Just as no developer writes 100% bug free software 100% of the time, no developer can write 100% secure code 100% of the time.

Features Application Server Enterprise
Price $449 $1199 $9999
CFML Applications 1 unlimited unlimited
Physical Server 1 1 unlimited
Firewall filters checkmark checkmark checkmark
Mobile Monitoring checkmark checkmark checkmark
ColdBox Module checkmark checkmark checkmark
ContentBox Module     checkmark checkmark checkmark
*Ortus FuseGuard module is licensed similar to Foundeo's FuseGuard licensing model.
Important Note: We highly recommend that you frequently perform security audits to identify vulnerabilities within your code and server configuration. FuseGuard should not be your only line of defense. We include a FREE copy of our CFML Security Checklist with every purchase of our firewall. If you need help reviewing your ColdFusion code, we can help.

FAQ

Ortus FuseGuard Module has been built and tested for the following platforms.
  • Adobe ColdFusion 8+
  • Railo 3+
  • ColdBox 3.5+
  • ContentBox 1.5.7+
The physical server may contain multiple J2EE server instances, and multiple virtualized operating systems.
Yes, the server license covers an unlimited number of FuseGuard Module instances on the same physical server. This includes multiple Applications within a single ColdFusion instance, multiple applications on multiple instances of ColdFusion (on the same physcial server), and multiple instances of ColdFusion on multiple virtualized servers (running from the same physical host computer)
An application is defined as a single Application scope. If you have multiple Application.cfc/cfm files that all share the same application scope, they are considered to be a single Application. If you have a special scenario, please contact us and we'll let you know.
No, the Ortus FuseGuard Module includes a license for the appropriate level you purchased. Ortus Solutions is an official reseller for the FuseGuard Firewall and it will always contain the latest FuseGuard Release.
No, you only need licenses for production use. Once you purchase a license it can be used on unlimited number of non production servers (development, staging, hot standby, backup, qa, etc).

Apart from the standard features of the Foundeo FuseGuard Firewall, we have extended it with more ColdBox/ContentBox capabilities.  The firewall comes with over 15 filters to help protect against vulnerabilities such as:

  • Malicious File Uploads
  • Cross Site Scripting / XSS
  • SQL Injection
  • Session Hijacking
  • Cross Site Request Forgery
  • CRLF Injection
  • Path Traversal Attacks
  • Password Dictionary Attacks

The firewall comes embedded in a dual-performing module that will work for both ColdBox 3 applications and ContentBox Modular CMS. The module features are:

  • Automatic firewall registration in your application
  • Centralized Firewall configuration and extensibility via our module configuration
  • Registration of a new ColdBox interception point called onFuseGuardBlock that will be announced on firewall interventions
  • Ability to create interceptor response chains via ColdBox/ContentBox when the firewall blocks a request
  • Ability to register a BlockRequestHandler event to execute whenever the firewall blocks a request
  • Ability to do scope registration of the firewall in any valid ColdFusion scope
  • Access to the firewall object in the module configuration
  • FuseGuard ContentBox panel integration (Coming Soon)
  • ContentBox FuseGuard permission registration and administrative rights to the firewall (Coming Soon)

 

Read More...