PALO ALTO, Calif .– (COMMERCIAL THREAD) – Data Theorem, Inc., a leading provider of modern application security, today launched the industry’s first active protection suite, including observability and execution defense, delivering security Comprehensive on modern application stacks including API, cloud, mobile, modern web, and serverless (Lambda) functions.
Businesses today need tools specifically designed to secure modern application stacks to prevent data breaches. Previous generations of AppSec runtime tools (WAF, RASP, EDR) are unable to address critical areas of modern application stacks such as cloud native applications. For example, serverless applications with APIs, such as AWS Lambda, cannot be secured using web application firewalls (WAF), runtime application self-protection (RASP), or endpoint detection and response agents (EDRs). This is because there are no accessible operating systems for installing agents or traditional network perimeters with entry / exit points. Data Theorem now offers unique execution defenses and observability across its suite of products, filling the security gaps in modern application exhibits commonly found with cloud native stacks.
According to Gartner, âOptimal security for cloud native applications requires an integrated approach that starts in development and extends to runtime protection. Security and Risk Management (SRM) leaders should assess emerging cloud native application protection platforms that provide a comprehensive approach to the security lifecycle.1
Data Theorem is the first to provide comprehensive and comprehensive security for today’s modern applications that starts at the client layer (mobile and web), protects the network layer (REST API and GraphQL) and extends to the underlying infrastructure (cloud services).
Active Protection is an execution and observability defense offer. It works across Data Theorem’s entire product portfolio to help customers build application layer security defenses into their application stacks. Execution defenses include Attack Prevention, OWASP Top 10 Rules, Known Malicious Sources, Encryption Levels Policy Violations, Authentication Types, Authorization Rules, and a variety of custom rule checks , including the prevention of Broken Object Level Authorization (BOLA) attacks. Additionally, organizations also need increased observability (logging, tracing, trending) before enforcing security policies due to the dynamic nature of their modern application stacks. Customers can enable active protection of Data Theorem through the use of their SDKs (SDKs), Application Extensions (Lambda layers), and AppSec Proxy (L7 sidecar proxy).
âData Theorem Active Protection is the first in the industry to provide comprehensive security on today’s modern application stacks,â said Doug Dooley, COO of Data Theorem. âApplication environments are more dynamic when they take advantage of cloud services that require increased telemetry. Organizations must discover their growing attack surfaces as their adoption of the cloud grows. We are not aware of any other vendor offering active protection runtime defenses and observability across modern cloud native, mobile, web, and serverless applications.
Data Theorem’s extensive AppSec portfolio protects organizations against data breaches with application security testing and protection for modern web infrastructures, API-driven microservices, and cloud resources. Its solutions are powered by its award-winning scan engine, which leverages a new type of dynamic and runtime analysis fully integrated into the CI / CD process and enables organizations to perform continuous and automated security inspection and remediation. .
Pricing and availability
Data Theorem’s new active protection suite is available today free of charge to existing customers and included in the price of Data Theorem’s API Secure, Cloud Secure, Mobile Secure and Web Secure solution suite. For more information, see https://www.datatheorem.com/free-trial/.
Note 1 – Gartner, Inc. âInnovation Insight for Cloud-Native Application Protection Platformsâ by Neil MacDonald and Charlie Winckless. August 25, 2021.
About the data theorem
Data Theorem is a leading provider of modern application security, helping customers prevent AppSec data breaches. Its products focus on API security, cloud (serverless applications, CSPM, CWPP, CNAPP), mobile applications (iOS and Android) and web applications (single page applications). Its main mission is to analyze and secure any modern application anytime, anywhere. The award-winning Data Theorem Analyzer Engine continuously scans APIs, web, mobile and cloud applications for security and data privacy gaps. The company has detected more than a billion application incidents and currently secures more than 8,000 modern applications for its business customers around the world. Data Theorem is headquartered in Palo Alto, California, with offices in New York and Paris. For more information, visit www.datatheorem.com.
Data Theorem and TrustKit are trademarks of Data Theorem, Inc. All other trademarks are the property of their respective owners.