Upload
prevoty
View
257
Download
0
Tags:
Embed Size (px)
Citation preview
Gartner estimates that 70% of all hacks happened at the application layer in 2013 – becoming the main attack surface for hackers. This has spawned new challenges for enterprises – from developing and maintaining secure web applications to testing new deployments with constrained resources.
99% of enterprise security budgets are traditionally spent at the network layer, leaving the web application layer unprotected. On top of that, existing web applica-tion security solutions rely on traditional methods (e.g. past definitions and simple pattern matching), which allow zero-day exploits and advanced targeted attacks.
Powerful Web Application Security-as-a-Service
Prevoty Integri is a comprehensive web application security-as-a-service platform that protects enterprises against top OWASP threats by validating inputs, queries and tokens. Integri libraries and plugins reduce the time and cost for developing secure applications.
Integri allows Engineering and Security teams to build dynamic, flexible and more open applications while safely handling users and content from multiple and potentially untrusted sources. By analyzing and under-standing the behavior of all the content within the web application, Integri instantly differentiates between trusted and malicious content and users.
Integri provides comprehensive web application protec-tion with: Trusted Content, Trusted Query and Trusted Token.
Introducing Prevoty Integri
Trusted Content secures all incoming content from malicious input, such as zero-day code injections (XSS), spam and profanity. Prevoty has developed a virtualization technology that does not rely on past definitions and signatures.
Trusted Content
Trusted Token generates and validates cryptographically unique tokens to prevent cross-site request forgery (CSRF) by identifying malformed, expired and replayed tokens. Prevoty has developed a smart caching and persistence technology to monitor token state.
Trusted Token
Trusted Query protects popular relational databases (MSSQL, MySQL, Oracle) from SQL injections. Prevoty has developed a novel query virtualization technology that can audit parsed fields, tables and functions.
Trusted Query
Key Benefits
Reduces the need for dedicated resources and additional coding while increasing security coverage. No complex deployments and provisioning. No hidden maintenance.
Built-in Security-as-a-service
Preserves the integrity of the data without compromising the application. No more false positives or data loss.
Data Integrity
Live threat analytics on content and users allows enterprises to block malicious users and poisoned data origins.
Real-time Threat Intelligence
Manage standardized security protection across all web appli-cation from one simple dashboard. Supports all languages and integrates with LDAP.
Flexibility
Integri allows enterprises to significantly decrease unwanted traffic, reducing operational costs.
Reduced Operational Costs
I N T E G R II
Integri Performance Statistics
20KRequests per second
with Integri Gold Package
Our Processing Capacity
.35Milliseconds
per request
Our Processing Rate
1+Secondsper request
vs.Industry Standard
Prev
oty
Inte
gri
Prov
idin
g tru
st a
nd in
tegr
ity to
web
app
licat
ions
Trusted Content - Code Injection ( XSS )
Trusted Token - Session Theft ( XSRF )
Trusted Query - SQL Injection
Core Foundation - Bonsai / SmartCache / Behavioral Monitoring
Trusted Configuration - Compromised Configurations
Integri Deployment Diagram
Prevoty Intelligence StatisticsBased on a sample set of 3 million requests processed per day
of all web trafficcarries unsafe data
1/3 50%
# of critical OWASP attacks attempted everyday
on the average website
of all user generated content is spam
1,0001k
24:00h00:00
Available for multiple languages
JavaRubyPython Wordpress
I N T E G R II
Features
About PrevotyPrevoty, a next generation web application security provider, is pioneering a new approach to securing web applications. Prevoty Integri provides web application security-as-a-service, preventing the top OWASP threats by validating your inputs, queries and tokens. The company's proprietary technology reduces the time and cost to develop secure applications via embedding security libraries and plugins.
Since its launch, top technology, media, retail and financial organizations use Prevoty for its powerful security, ease of use and flexibility. Prevoty is based in Los Angeles, CA, where it protects over half a billion unique users every sub-millisecond.
prevoty.comFor more information, please contact: [email protected]
Integrated Security Reduces the need for dedicated resources and additional coding while increasing security coverage
Data Integrity Preserves the integrity of the data without compromising the application
Analytics Real-time analytics pushed to external data stores via TCP/UDP (Splunk, Hadoop, Cassandra, OpenTSDB, etc.)
Multi-tenancy Management Multi-tenancy management with control console - business logic is managed by both security and development teams
Unlimited Scalability Horizontally scaled behind a load balancer to unlimited number of web applications, content/data and users
Standardized Support Enabling standardized security protection across all web application, supporting all languages and protocols
Access Controls Authentication and authorization can be managed in a silo or connected to Active Directory