<iframe src="//www.googletagmanager.com/ns.html?id=GTM-KXSCJR" height="0" width="0" style="display:none;visibility:hidden">

What Questions Would a CISO Ask About Prevoty Runtime Security?

Audrey Sunu | Sep 12, 2016

Dr. Edward G. Amoroso, former CISO
of AT&T and now founding CEO of TAG Cyber, is dedicated to advancing the practice of information security and make best-in-class knowledge available to the community of security leaders. In this excerpt from his new three-part report, he interviews Julien Bellanger, CEO and Co-Founder of Prevoty about runtime technologies and the future of application security.

Continue reading

Topics: Application Security, RASP, Industry commentary, AppSec, Runtime Application Self-Protection, Runtime Application Security, TAG Cyber

The Future of Application Security Depends On Our Infrastructure

Julien Bellanger | Jun 13, 2016

To say that the future of application security depends on our infrastructure may sound controversial -- especially coming from a runtime application security startup founder.

Don’t get me wrong. Our vision is still the same: application security has to be done at the application layer, and more so than ever, that security must be embedded in the application.

Continue reading

Topics: Application Security, RASP, Language Security, LANGSEC, AppSec, Runtime Application Self-Protection, Vulnerability remediation, Runtime Application Security, Infrastructure

Why LANGSEC for Runtime Application Security? Because Patterns Can't Keep Up

Arpit Joshipura | Mar 10, 2016

Age-old security is broken because it uses antique techniques 

Throughout the past ten years, security methods have remained relatively unchanged. These methods rely solely on signatures, heuristics and dataflow analysis and are focused on defending the networks. The problem is that hackers have learned how to work around predefined network controls. 

The majority of today's firewalls still have to run thousands of patterns to match for known attacks, and false positives and false negatives run high -- making it difficult to determine what is normal. These traditional methods rely on code that is constantly changing. The thing you’re trying to detect is changing because the application itself is always changing, causing solutions to be out of date as soon as they are created.

Continue reading

Topics: WAFs, Startups, Application Security, RASP, Prevoty Technology, Application Security Monitoring, Signatures, Language Security, Innovation, LANGSEC, Heuristics, AppSec, Pattern matching, Cross-site Scripting, Command Injection, Runtime Application Self-Protection, Data Flow Analysis, Vulnerability remediation, SQL Injections, CSRF