75% of IT Leaders are Unconvinced About the Security of their Web Applications

Today, Cymatic released new research on the state of web application security. While IT leaders tend to be somewhat confident in their existing solutions, relying on various products renders smooth adoption of emerging tools—and therefore overall cyber threat prevention—a major task.

Pulse conducted a study of C-suite and VP-level executives in information technology and cybersecurity and discovered that the most common approaches to web application safety fail to engender the trust necessary for effective cyber attack protection. Among the key findings are:

• While 91% of executives spend up to a third of their web app technology budget on security, privacy, and compliance activities, they continue to rely heavily on strong password standards to protect against cyber threats.

• MFA, WAFs, and CAPTCHAs are the top technologies used to protect web apps, with 75%, 74%, and 63%, respectively.

• Account takeovers are the threat scenarios that most concern 73% of respondents.

“After spending twenty-five years spending time and money cleaning up after breaches and hackers whose creativity was still at least one step ahead of network protections, I was able to see where all the security holes are,” said Cymatic Founder and CEO Jason Hollander. “We created the CymaticONE platform to fill those holes and reduce the complexity of existing web application solutions, making it simpler and easier to defend against modern-day attack vectors.”

The Cymatic platform provides universal in-session visibility and control to minimize risk across web applications, networks, and users, while also reducing network traffic loads and removing user friction. Unlike standard WAFs, which only defend against network-based threats, Cymatic employs advanced artificial intelligence and machine-learning algorithms to detect page mutations and user anomalies. The platform protects against user-generated and device-based risks such as poor credential hygiene, dark web vulnerabilities, and potentially risky devices. It is completely invisible to users, deploys in minutes, and has an absolute time-to-value.

Although many respondents defined obstacles to change their existing web application firewall (WAF) installations, nearly 90% expect to reconsider their investments within the next six to 18 months.

Cymatic provides the first web application firewall to combine client-side WAF protection with a proprietary vulnerability, awareness, detection, and response (VADRTM) AI engine to avoid user- and app-based threats in their tracks, making it simple for any company to bridge gaps in their installations. Unlike other products that make static decisions based on siloed threat signals, Cymatic correlates and evaluates thousands of signals around a dozen threat vectors in real-time to provide a higher level of security accuracy without compromising user experience or application efficiency. Only Cymatic provides full real-time visibility and protection against all code-injection attacks, user risk, and session fraud—all with a single line of javascript.

About Cymatic

Cymatic is the only company that provides a web application firewall (WAF) solution that combines client-side WAF protections with a proprietary vulnerability, awareness, detection, and response (VADRTM) engine to provide immediate and continuous in-session intelligence regarding devices, users, and locations. Cymatic's first-look, the first-strike capability is the first in the kill chain, reducing risk across applications, networks, and users while ensuring organizations comply with today's security-driven regulations. The solution is undetectable to users, deploys in minutes, and operationalizes in seconds. Cymatic is based in Raleigh, North Carolina, and has branches in California and New York.