Butterfly Security released CodeSeeker as open source through the Open Web Application Security Project (OWASP). CodeSeeker is a Web application firewall and intrusion-detection system tool that runs on Windows NT, Solaris, and Linux.
CodeSeeker intercepts Web traffic from the TCP/IP stack and looks for attack patterns. When the application finds an attack, it can either block the traffic from reaching the Web site or simply pass the attack information to a monitoring console. CodeSeeker also works with SSL connections because it intercepts traffic immediately after the SSL subsystem has decoded SSL traffic.
CodeSeeker consists of "connector agents" and a monitoring console. You install the connectors on the Web servers to be protected and install the CodeSeeker console on another system to handle configuration and monitoring of the connectors.
CodeSeeker is designed especially for high-bandwidth and diverse environments. A spokesperson for Butterfly said, "CodeSeeker's architecture was designed specifically with high bandwidth, high capacity environments in mind. One console provides complete monitoring and security management for multi-server, multi-operating system distributed enterprises ... the connectors also work across load balanced distributed environments without the need to span traffic from a switch."
Mark Curphey, the OWASP project's founder and leader said, "CodeSeeker is a valuable piece of the puzzle in protecting Web applications and Web services ... this helps us continue our mission of making the Internet a safer place for everyone."
