In my role I am fortunate to have the opportunity to discuss application security with many security leaders. For larger enterprises, there is a common thread in these discussions that the toughest challenge related to application security is getting alignment between the “Builders” – those developing applications and features – and the “Defenders” – those in charge of ensuring application security. The costs in terms of time and resources of running a vulnerability management program are significant and application remediation efforts detract from the Builders’ main focus of releasing new software.
In analyzing this, we realized that Prevoty’s core capabilities could be enhanced to provide critical insights that can change the game and dramatically improve the vulnerability management process for the industry as a whole.
So today I am proud to announce the availability of Prevoty ASM - a new application security monitoring product that, for the first time ever, provides true visibility into what attacks are actually hitting applications in production. Prevoty plug-ins are dropped into an application and, with no configuration required, will deliver application threat intelligence on the “who / what / where / when” of any attacks in real time to SIEMs or any logging function with zero impact on application performance.
- Who is attacking you, down to the session ID and the user metadata that only the application context can give you – Trace the origin and block it
- What exact payload is executing within your application – Build new definitions automatically at the perimeter making your existing investment smarter
- Where that payload is executing down to the URL – Out of 1000s of vulnerabilities, fix the ones that are actually exploited
- When the attack is happening and how frequently – Detect low-frequency volumetric attacks
Feedback from our customers who received early access has been incredible. They are seeing two major benefits:
- Accurate attack intelligence from inside the applications themselves allows security and operations teams to take steps to block bad actors without the risk of incurring false positives
- Visibility into which applications in their portfolio are actually under attack (and those that are not) enables alignment between Builders and Defenders for effective prioritization of remediation efforts
Importantly, any application instrumented for monitoring can also have Prevoty’s core protection capability turned on, so that applications under attack can be automatically protected.
We believe that accurate application security monitoring from inside applications with no performance hit is a true game-changer. So much so that we decided to make a version using Prevoty’s cloud service available to anyone for free. So what have you got to lose? Why not see what is actually happening in your applications?
If you are attending the Gartner Security and Risk Summit this week, make sure you stop by our booth #216 to see a live demo. If not, just drop us a note and we’ll be happy to provide you with a private briefing.
As always, we welcome your comments and questions.