<iframe src="//www.googletagmanager.com/ns.html?id=GTM-KXSCJR" height="0" width="0" style="display:none;visibility:hidden">

Top 3 biggest mistakes enterprises make in application security

Audrey Sunu | Aug 24, 2015

Prevoty CEO Julien Bellanger wrote a guest post on Help Net Security outlining the three most common mistakes that enterprises make when securing their applications. Despite increased investment in network and endpoint security, the industry still has a ways to go before we can confidently assert that organizations are doing everything they can to protect their applications -- which house the most sensitive data.

Continue reading

Topics: Application Security, RASP

Securing Production Applications: Performance Matters

Julien Bellanger | Jun 25, 2015

Ever since we deployed to our first customer in late 2013, there have been three consistent criteria that our customers consider when they are evaluating Prevoty or other RASP technologies: 

  • Efficacy – does the solution accurately identify malicious behavior?
  • Scalability – can the solution scale to support hundreds or thousands of applications?
  • Performance – what impact does the solution have on my applications? 
Continue reading

Topics: Company News, Application Security, RASP

Confessions of a Runtime Application Self-Protection (RASP) Skeptic

Audrey Sunu | Mar 5, 2015

Skepticism is natural -- particularly towards new technology. Even more so in the over-hyped and under-delivered information security space. We welcome the scrutiny as it's one of the exciting challenges that comes with being a new solution provider. It keeps us sharp. 

That's why it was our honor to be reviewed by Robert Richardson (@cryptorobert), who hails as Editorial Director at TechTarget's Security Media Group (and previously held the same position at Black Hat). Robert sat down for a demo of our runtime application self-protection (RASP) product with Prevoty CTO Kunal Anand.



He admits to being a RASP skeptic. 

In his investigation, Robert talks straight about how we measure up to our claims and compare to what's currently on the market.

Curious how we fared? Here are some excerpts from his review:

Continue reading

Topics: Application Security, RASP

Does true application security even exist today?

Julien Bellanger | Nov 3, 2014

We all rely on applications to run our day-to-day lives and businesses. Web or mobile, internal or external, cloud-based or local -- apps and their related databases now form the backbone of our economy. They enable communication, scheduling, data flows, trading, marketing, payment, shopping, entertainment, news, and more. Online experiences have replaced many physical experiences. It's no wonder that "applications and data, not the infrastructure, are the main focus of modern cyberattacks." [1]

Given that billions of dollars are spent every year on information security, the industry obviously makes sufficient investments in securing their applications, right? Not so fast. Let's explore the landscape as we've seen it to date:

Continue reading

Topics: Application Security, RASP

Embracing the Role of an Early Adopter

Brad Murdoch | Oct 15, 2014

Enterprises tend to have personalities that can resemble an individual’s. Think about your own experience. When did you buy your first book on Amazon? Who was your first connection on LinkedIn? How long did it take you to start using cloud services? When did you ditch your Blackberry and its keyboard for an iPhone?

Technology adoption cycles are remarkably consistent -- whether you are talking about consumer electronics, social media, eCommerce, networking equipment, or, of course, enterprise software.

Continue reading

Topics: Application Security, RASP

RASP: The next layer of information security

Julien Bellanger | Aug 19, 2014

We all know that enterprise security is a cat and mouse game.  Any company that claims it can guarantee 100% security from hackers is selling snake oil. So the best practice is to raise the bar to make it really, really hard for hackers so that they move on and try to break in somewhere else.  The industry now accepts that a layered approach is the best way to raise the bar, and of course that has translated into significant investments in endpoint protection, next generation firewalls (NGFW], intrusion detection and prevention systems (IDS / IPS), security information and event management systems (SIEMs), data loss prevention (DLP), identity and access management (IAM), etc., etc. 

These layers are of course necessary, but they’re not sufficient any more.

Continue reading

Topics: Application Security, RASP, Prevoty Technology

Prevoty Comes of Age as Runtime Application Self-Protection (RASP)

Julien Bellanger | Jun 30, 2014

We recently sponsored the 2014 Gartner Security and Risk Summit in National Harbor, Maryland, just outside Washington DC. This was a first for Prevoty, and it really felt like a la cour des grands [1] for our young company.

At the Summit, thousands of technology executives evaluate their security strategy (and shape their spending priorities). Hundreds of vendors test their value propositions and look for new product ideas based on delegate and analyst feedback. 

Like many early stage companies, we are working with some the top analysts to better understand who we are in industry terms. Many of these analysts have asked us, “Who are your direct competitors”?  I have always felt embarrassed by answering, “We have not really found any yet…but we are looking.”  

Well, now we have the answer.

Continue reading

Topics: Company News, RASP