When we started Prevoty, one of our main goals was to give developers a systemic approach for creating and managing secure applications. Our product roadmap began with the ambition of preventing the most difficult OWASP attacks and over the last 18 months, our engineering team has created novel algorithms and technologies to prevent XSS, SQLi and CSRF. On top of that, our team has developed an on-premise version of the Prevoty engine while continuing to support nearly a dozen different SDKs + frameworks (servlet filters and HTTP modules). We've covered a lot of ground in such a short period of time!
As we met with prospects and customers over the past year, it became clear that there was a need for a particular kind of application security functionality: typed input validation. Lots of organizations perform input validation on form fields - for instance, ensuring that an email is valid or that a string meets the minimum criteria. We observed that many of them didn't really know how to perform input validation for specific types in a consistent, accurate manner. As an organization builds up its number of applications or develops in different languages, this technical debt can become a security nightmare.
We decided to build something to help.
Today, I'm pleased to announce that the Prevoty engine now supports the ability to perform input validation for specific types! We are providing developers with a consistent and accurate library that can be used from any of our SDKs.
We currently support the following validations:
- IP address
We're acutely aware that the above list isn't comprehensive or exhaustive -- it's simply a start and we have plenty more typed validations in our roadmap, including those for social security numbers, zip codes and many more.
If you'd like to see us support particular validations, please let us know at email@example.com. We're always interested in hearing how we can reduce your security pain points. In the mean time, you can always check out our current SDKs and frameworks on our GitHub: https://github.com/prevoty
We hope these typed validations allow you to shorten your application development lifecycles. As always, you can contact us if you'd like to get started with an evaluation of Prevoty today.