Close
  • Latest News
  • Cybersecurity
  • Big Data and Analytics
  • Cloud
  • Mobile
  • Networking
  • Storage
  • Applications
  • IT Management
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
Read Down
Sign in
Close
Welcome!Log into your account
Forgot your password?
Read Down
Password recovery
Recover your password
Close
Search
Menu
eWEEK.com
Search
eWEEK.com
  • Latest News
  • Cybersecurity
  • Big Data and Analytics
  • Cloud
  • Mobile
  • Networking
  • Storage
  • Applications
  • IT Management
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
More
    Home Cybersecurity
    • Cybersecurity
    • Development

    Imperva Advances Autonomous Application Protection Capabilities

    By
    SEAN MICHAEL KERNER
    -
    February 22, 2019
    Share
    Facebook
    Twitter
    Linkedin
      Imperva Prevoty

      Imperva is adding new capabilities to its Runtime Application Self Protection (RASP) technology platform that enables organizations to better protect their workloads.

      The ability to automatically protect code at runtime from threats is the domain of RASP technology. Imperva entered the RASP business via the acquisition of RASP vendor Prevoty in July 2018 and is now expanding the offering with new capabilities and integration into the company’s broader portfolio. The new release is Autonomous Application Protection version 3.10 and integrates features to detect weak cryptography, as well as potential network activity threats.

      “We’re pretty excited about this release just because it fundamentally alters and changes the way that RASP is considered and will be considered by many organizations,” Kunal Anand, CTO of Imperva, told eWEEK. “I think it speaks to the grander vision that we have at Imperva.”

      Anand was the co-founder and CTO of Prevoty prior to acquisition and has now transitioned to become the CTO of Imperva, with responsibilities across the company’s portfolio.

      Network Activity Protection

      RASP technologies in general look to protect code from executing potentially malicious processes. With version 2.10 of Autonomous Application Protection, Imperva is now looking beyond just what an application executes as a process to what an application attempts to connect to at the network level. Anand said Autonomous Application Protection is now looking at HTTP calls that could potentially go anywhere with the new network activity protection feature.

      “So if you have an application that’s communicating with another application, to a microservice, or to a REST API, you now have complete visibility in terms of the line of code where we’re seeing the execution from, what it’s talking to you, what it’s sending and what it’s getting back,” he explained.

      The ability to have network visibility for runtime code is important to defend against emerging forms of attack. By having network activity protection at the code runtime, it’s also possible for an organization to specifically allow applications to only be able to communicate with certain services. Anand said that Prevoty had been working on the network activity protection feature prior to being acquired by Imperva. As part of Imperva, he said that additional development work is underway to link with the company’s broader security intelligence capabilities to further enhance that network activity protection feature in the future.

      Weak Cryptography Protection

      In 2018, Prevoty added a feature that performs dependency analysis with an application. Anand said that his team looked at how customers were using the feature and discovered that it was being used to help identify cryptographic libraries. Over time, different cryptographic libraries are identified as being weaker than others and there is a need for organizations to regularly evaluate what they are using.

      “So what we did was we allowed customers to be able to constrain different kinds of cryptographic algorithms that can and can’t be used,” he said. 

      How It Works

      As opposed to other types of cyber-security technologies, RASP and Autonomous Application Protection can be injected directly into the runtime to protect an application.

      Anand said that Autonomous Application Protection can plug directly into an application server. From a DevOps perspective, the Autonomous Application Protection can be instrumented from a Continuous Integration/Continuous Deployment (CI/CD) system like Jenkins and get directly integrated into the gold master that an organization deploys.

      At a deeper technical level, Anand explained that the process that Imperva uses is known as byte code instrumentation (BCI).

      “The way it works is the agents at application startup will hook the class loader of the application and it’ll actually do injection and byte code instrumentation into the key areas that we care about,” he said.

      After the BCI process, Anand said that an approach that Prevoty developed called LANGSEC (Language Theoretic Security) comes into play.

      “The idea of LANGSEC is to effectively use formal grammar theory to parse payloads before they execute,” Anand said.

      So, for example, Anand explained that before a database query executes, the LANGSEC analysis will occur, enabling analysis and identification of potential risk. He said that the LANSEC approach goes beyond what a pattern-based recognition system can look for, to identify more complex issues.

      “LANGSEC just kind of kicks it up another level in terms of detection capabilities,” Anand said. “So we actually marry the two techniques, which is language analysis plus application context.”

      RASP and WAF

      Imperva has a number of products and services, among them is the company’s Web Application Firewall (WAF) technology. A WAF typically sits in front of applications protecting them against threats delivered over the network. RASP technology, on the other hand, is integrated inside of application code. Anand sees an opportunity for organizations to make use of both approaches to help mitigate risk.

      “A vision that we have is a converged one where we converge application and data security together,” he said.

      Sean Michael Kerner is a senior editor at eWEEK and InternetNews.com. Follow him on Twitter @TechJournalist.

      MOST POPULAR ARTICLES

      Android

      Samsung Galaxy XCover Pro: Durability for Tough...

      CHRIS PREIMESBERGER - December 5, 2020 0
      Have you ever dropped your phone, winced and felt the pain as it hit the sidewalk? Either the screen splintered like a windshield being...
      Read more
      Cloud

      Why Data Security Will Face Even Harsher...

      CHRIS PREIMESBERGER - December 1, 2020 0
      Who would know more about details of the hacking process than an actual former career hacker? And who wants to understand all they can...
      Read more
      Cybersecurity

      How Veritas Is Shining a Light Into...

      EWEEK EDITORS - September 25, 2020 0
      Protecting data has always been one of the most important tasks in all of IT, yet as more companies become data companies at the...
      Read more
      Big Data and Analytics

      How NVIDIA A100 Station Brings Data Center...

      ZEUS KERRAVALA - November 18, 2020 0
      There’s little debate that graphics processor unit manufacturer NVIDIA is the de facto standard when it comes to providing silicon to power machine learning...
      Read more
      Apple

      Why iPhone 12 Pro Makes Sense for...

      WAYNE RASH - November 26, 2020 0
      If you’ve been watching the Apple commercials for the past three weeks, you already know what the company thinks will happen if you buy...
      Read more
      eWeek


      Contact Us | About | Sitemap

      Facebook
      Linkedin
      RSS
      Twitter
      Youtube

      Property of TechnologyAdvice.
      Terms of Service | Privacy Notice | Advertise | California - Do Not Sell My Info

      © 2020 TechnologyAdvice. All Rights Reserved

      Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

      ×