<iframe src="//www.googletagmanager.com/ns.html?id=GTM-KXSCJR" height="0" width="0" style="display:none;visibility:hidden">

Why LANGSEC for Runtime Application Security? Because Patterns Can't Keep Up

Arpit Joshipura | Mar 10, 2016

Age-old security is broken because it uses antique techniques 

Throughout the past ten years, security methods have remained relatively unchanged. These methods rely solely on signatures, heuristics and dataflow analysis and are focused on defending the networks. The problem is that hackers have learned how to work around predefined network controls. 

The majority of today's firewalls still have to run thousands of patterns to match for known attacks, and false positives and false negatives run high -- making it difficult to determine what is normal. These traditional methods rely on code that is constantly changing. The thing you’re trying to detect is changing because the application itself is always changing, causing solutions to be out of date as soon as they are created.

Continue reading

Topics: WAFs, Startups, Application Security, RASP, Prevoty Technology, Application Security Monitoring, Signatures, Language Security, Innovation, LANGSEC, Heuristics, AppSec, Pattern matching, Cross-site Scripting, Command Injection, Runtime Application Self-Protection, Data Flow Analysis, Vulnerability remediation, SQL Injections, CSRF

Changing the application security game

Julien Bellanger | Jun 8, 2015

In my role I am fortunate to have the opportunity to discuss application security with many security leaders. For larger enterprises, there is a common thread in these discussions that the toughest challenge related to application security is getting alignment between the  “Builders” – those developing applications and features – and the “Defenders” – those in charge of ensuring application security. The costs in terms of time and resources of running a vulnerability management program are significant and application remediation efforts detract from the Builders main focus of releasing new software.

Continue reading

Topics: Company News, Application Security Monitoring

Subscribe to Email Updates