Ensuring Application Security in Organizations

By CIOReview | Friday, April 22, 2016
670
1156
219
Julien Bellanger, Co-founder and CEO, Prevoty

Julien Bellanger, Co-founder and CEO, Prevoty

MENLO PARK, CA: One of the most promising enterprise security companies, Prevoty Inc recently added latest web service capabilities to combat with the growing vulnerabilities in network applications. The web services will allow the organizations to integrate attack protection technology into many applications in a faster and in a less complicated way.

Most of the conglomerates and multinational companies spend millions to safeguard their online network applications. The latest digital inventions and innovations in technology have rapidly led to increase in the usage of web services, creating a much larger application ecosystem. However, this boom has also lead to many vulnerabilities like cross-site scripting and SQL injection, causing security threats that may exist at various layers of network in an organization. “The ability to monitor application security complements legacy firewall solutions and only paves way for added security,” says Julien Bellanger, Co-founder and CEO, Prevoty. The firm has widened the scope of its Runtime Application Security product with Language Theoretic Security (LANGSEC) based web service capabilities.

Many organizations, have replaced their traditional web applications with new web services. Adding to an existing layer of traditional application increases the vulnerability risks. These days, the organizations are dealing with complex programmatic logic in the form of JavaScript and sometimes massive amounts of structured data in the form of Extensible Markup Language (XML) or JavaScript Object Notation (JSON). It is noted that most often, network applications are involved in communication with structured data in XML or JavaScript Object Notation (JSON). This can create a twofold problem—exposure of data to the end user and possibilities of new threats against the application.

Hence, Prevoty's Web Service capabilities adds additional processing in order to detect and understand the data type being moved to the application. The Web Services then applies the LANGSEC based approach, without damaging the data structure, which the application expects to receive. Employing this method, Prevoty continues to amalgamate with other applications without the need for code changes by engineers. “Our goal is to continue to pioneer in the security space by innovating the way companies protect their data,” remarks Bellanger.