📜 ⬆️ ⬇️

Protection of corporate applications: how to become a developer of PT Application Firewall



Two years in a row, during the international forum Positive Hack Days, the WAF Bypass competition was held to bypass the PT Application Firewall firewall . We published a blog analysis of the tasks of this competition ( 2014 and 2015 ).

Over the year, the popularity of the competition has grown significantly: this spring, 302 people registered to participate (a year earlier - 101), who during the competition sent 271,390 requests (twice as many as in the previous year).
')
At the same time, many competitors and guests of PHDays were interested not only in the competition itself and its tasks, but also in the screen that had to be bypassed. Therefore, we decided to tell a little more about this tool and invite those habrayusers who are interested in the topic of WAF not only in the framework of competitions to participate in its development.

A bit of history


Our company has been engaged in the fight against cyber threats for 13 years, during this time we have developed a number of software solutions that now provide security for more than 1000 companies in 30 countries.

One of these projects is the Positive Technologies Application Firewall (PT AF) intelligent firewall - it helps protect web portals, ERP systems and mobile applications. The product has already shown itself well in “combat” conditions: for example, when defending the websites of the VGTRK media holding during the 2014 Winter Olympics . And the international analytical company Gartner, after examining our protective screen, called the company Positive Technologies "Visionary" in its study " Magic Quadrant for Application Firewalls 2015 ".

We want to make the product even better, and for this we need enthusiastic people.

Technical details


The product is developed and supplied as a Hardware Appliance or Virtual Appliance (with Reverse Proxy, Mirrored SPAN, and Forensics operation modes) - so all parts of the system must complement each other. The solution is “sharpened” to work with highly loaded systems (10 Gbps traffic). The possibility of cluster installation with a horizontal scaling for increased performance.



Considering PT AF as a multi-component system, there are several areas of development:


For further development of the system, we are looking for C ++ developers, Python / JS developers and testers. And these are the tasks that they (that is, you) will have to do.

C ++ developers



Python / JS developers



Quality engineers



What do we offer


The project team is still small, which means that each of its members can make key decisions. Among other things, working at Positive Technologies is:


Send a story about yourself and projects that you have been able to participate in, send it in text format in the body of the email to career@ptsecurity.com .

Source: https://habr.com/ru/post/266415/


All Articles