Real-time Active Protection for AppSec
Organizations today need tools that are purpose built for securing modern application stacks to prevent data breaches . Past-generations of runtime AppSec tools ( WAFs , RASPs , EDRs ) are unable to address critical areas of modern application stacks such as cloud-native applications .
As an example , serverless applications with APIs , such as AWS Lambda , cannot be secured using traditional web application firewalls ( WAFs ), runtime application self-protection ( RASPs ), or endpoint detection and response ( EDR ) agents . This is because there are no accessible operating systems for agent installation nor traditional network perimeters with ingress / egress points . Data Theorem now uniquely delivers runtime defenses and observability across its entire product suite , addressing security gaps in modern application exposures commonly found with cloud-native stacks .
Data Theorem Active Protection is a runtime defense and observability offering . It works across Data Theorem ’ s product portfolio to help customers enable application-layer security defenses across their application stacks from the client layer web and mobile apps to the API data transport layer and lastly cloud infrastructure . The runtime defenses include attack prevention , OWASP Top 10 rules , known malicious sources , policy violations of encryption levels , authentication types , authorization rules , and a variety of custom rule checks including preventing Broken Object Level Authorization ( BOLA ) attacks . Further , organizations also need increased observability ( logging , tracing , trending ) before enforcing security policies because of the dynamic nature of their modern application stacks . Customers can enable Data Theorem ’ s Active Protection through the use of their SDKs ( software development kits ), application extensions ( Lambda layers ), and AppSec proxy ( L7 sidecar proxying ).