DATA SECURITY

75% of IT Leaders are Unconvinced About the Security of their Web Applications

Cymatic | April 12, 2021

Today, Cymatic released new research on the state of web application security. While IT leaders tend to be somewhat confident in their existing solutions, relying on various products renders smooth adoption of emerging tools—and therefore overall cyber threat prevention—a major task.

Pulse conducted a study of C-suite and VP-level executives in information technology and cybersecurity and discovered that the most common approaches to web application safety fail to engender the trust necessary for effective cyber attack protection. Among the key findings are:

• While 91% of executives spend up to a third of their web app technology budget on security, privacy, and compliance activities, they continue to rely heavily on strong password standards to protect against cyber threats.

• MFA, WAFs, and CAPTCHAs are the top technologies used to protect web apps, with 75%, 74%, and 63%, respectively.

• Account takeovers are the threat scenarios that most concern 73% of respondents.

“After spending twenty-five years spending time and money cleaning up after breaches and hackers whose creativity was still at least one step ahead of network protections, I was able to see where all the security holes are,” said Cymatic Founder and CEO Jason Hollander. “We created the CymaticONE platform to fill those holes and reduce the complexity of existing web application solutions, making it simpler and easier to defend against modern-day attack vectors.”

The Cymatic platform provides universal in-session visibility and control to minimize risk across web applications, networks, and users, while also reducing network traffic loads and removing user friction. Unlike standard WAFs, which only defend against network-based threats, Cymatic employs advanced artificial intelligence and machine-learning algorithms to detect page mutations and user anomalies. The platform protects against user-generated and device-based risks such as poor credential hygiene, dark web vulnerabilities, and potentially risky devices. It is completely invisible to users, deploys in minutes, and has an absolute time-to-value.

Although many respondents defined obstacles to change their existing web application firewall (WAF) installations, nearly 90% expect to reconsider their investments within the next six to 18 months.

Cymatic provides the first web application firewall to combine client-side WAF protection with a proprietary vulnerability, awareness, detection, and response (VADRTM) AI engine to avoid user- and app-based threats in their tracks, making it simple for any company to bridge gaps in their installations. Unlike other products that make static decisions based on siloed threat signals, Cymatic correlates and evaluates thousands of signals around a dozen threat vectors in real-time to provide a higher level of security accuracy without compromising user experience or application efficiency. Only Cymatic provides full real-time visibility and protection against all code-injection attacks, user risk, and session fraud—all with a single line of javascript.

About Cymatic

Cymatic is the only company that provides a web application firewall (WAF) solution that combines client-side WAF protections with a proprietary vulnerability, awareness, detection, and response (VADRTM) engine to provide immediate and continuous in-session intelligence regarding devices, users, and locations. Cymatic's first-look, the first-strike capability is the first in the kill chain, reducing risk across applications, networks, and users while ensuring organizations comply with today's security-driven regulations. The solution is undetectable to users, deploys in minutes, and operationalizes in seconds. Cymatic is based in Raleigh, North Carolina, and has branches in California and New York.

Spotlight

Cloud-based software delivery has increasingly become the norm in today’s world, owing to the elasticity, scalability, and economy of cloud architectures. Arista has established a leadership position in the delivery of reliable and secure cloud networking and services management through the introduction of CloudVision®, a single unified AI/ML-enabled network management platform supporting every place in the cloud – and CloudVision is now available in an “as-aService” delivery model in the cloud.


Other News
PLATFORM SECURITY,SOFTWARE SECURITY

Stellar Cyber Integrates with Netskope to Deliver World-Class User Context, Speeding Investigations and Improving Security Outcomes

Stellar Cyber | December 20, 2022

Stellar Cyber, the innovator of Open XDR, today announced a new integration with Netskope, a global leader in secure access service edge (SASE). This powerful integration makes it easy for enterprise and MSSP users of the Stellar Cyber Open XDR platform to improve visibility of risks and threats by incorporating the rich user-centric data generated by Netskope in every investigation conducted by their security analysts. Under this integration, Netskope maintains visibility and control across five lanes of user traffic, including web, managed SaaS, unmanaged SaaS, cloud service providers, and public-facing custom apps in one single-pass cloud architecture. At the same time, Stellar Cyber ingests, normalizes, and analyzes Netskope data and all other collected data to identify potential threats creating prioritized, investigation-ready incidents. As security analysts complete incident investigations, Stellar Cyber automatically initiates response actions to third-party products integrated into the solution, including Netskope. “Making it easy for our customers that use Stellar Cyber to incorporate Netskope’s valuable user insights into their investigations is another way for us to bring them new levels of security visibility. “Making security analysts more productive means attacker dwell time decreases, reducing the risk of breach across our customer's environment.” Andy Horwitz, VP of Business Development at Netskope “Automatically incorporating Netskope’s rich user data into every investigation in the Stellar Cyber platform adds critical context that previously required significant manual effort, which should be especially important to customers with lean security teams focused on reducing the workload on their SOC analysts,” said Andrew Homer, VP, Technology Alliances at Stellar Cyber. “With this integration, we continue to deliver what our customers, and the market, expect.” About Stellar Cyber Stellar Cyber’s Open XDR platform delivers comprehensive, unified security without complexity, empowering lean security teams of any skill to secure their environments successfully. With Stellar Cyber, organizations reduce risk with early and precise identification and remediation of threats while slashing costs, retaining investments in existing tools, and improving analyst productivity, delivering an 8X improvement in MTTD and a 20X improvement in MTTR. The company is based in Silicon Valley.

Read More

Spotlight

Cloud-based software delivery has increasingly become the norm in today’s world, owing to the elasticity, scalability, and economy of cloud architectures. Arista has established a leadership position in the delivery of reliable and secure cloud networking and services management through the introduction of CloudVision®, a single unified AI/ML-enabled network management platform supporting every place in the cloud – and CloudVision is now available in an “as-aService” delivery model in the cloud.

Resources