New behavior-based technology emerges to block bots

Web security service halts automated attacks that sneak past firewalls

Share on FacebookShare on Google+Tweet about this on TwitterShare on LinkedInEmail this to someonePrint this page

One of the hottest areas of cyber­se­cu­ri­ty inno­va­tion has to do with new approach­es to stop bot­net oper­a­tors from infest­ing and lever­ag­ing web browsers. Cyber crim­i­nals have dis­cov­ered web browsers to be an ide­al vehi­cle for exe­cut­ing mali­cious files as unwit­ting employ­ees surf the web from with­in a company’s network.

Perime­terX, which came out of stealth mode in April 2016, is one of the star­tups mak­ing hay in this emerg­ing niche of cut­ting-edge brows­er secu­ri­ty tech­nolo­gies. Oth­ers include Dis­til Net­works, Shape Secu­ri­ty and Shield­Square. And estab­lished tech ven­dors, Aka­mai and Imper­va, known for sup­ply­ing web appli­ca­tion fire­walls (WAF,) are both mak­ing moves into brows­er secu­ri­ty systems.

ed-note_perimeterxThird­Cer­tain­ty recent­ly sat down with Perime­terX co-founders Omri Iluz (above pho­to, left), who is the CEO, and Ido Safru­ti (above pho­to, right), the company’s CTO.

Relat­ed video: What you should know about bat­tling botnets

With a U.S. base in San Mateo, Cal­i­for­nia, and a research and engi­neer­ing cen­ter in Tel Aviv, Israel, the com­pa­ny has secured $12.5 mil­lion in fund­ing from com­pa­nies includ­ing Ver­tex Ven­tures and Data Col­lect. Its main prod­uct is a web secu­ri­ty service—PerimeterX Bot Defender—that pro­tects web­sites and web appli­ca­tions from a wide range of threats.

Iluz and Safru­ti con­tend that the pro­tec­tion offered by WAFs is lim­it­ed, since it relies on black­list­ing traf­fic com­ing from known bad IP address­es. Bot Defend­er is designed to detect and stop auto­mat­ed threats by using what the com­pa­ny describes as “behav­ioral fin­ger­print­ing, brows­er-based” technology.

This inno­va­tion shifts detec­tion of mali­cious activ­i­ty from traf­fic mov­ing through a fire­wall to “the last mile,” that is, the mali­cious cod­ing that has slipped through the fire­wall and is exe­cut­ing on an indi­vid­ual employee’s browser.

Iluz and Safru­ti told Third­Cer­tain­ty that they saw how the anti-virus mar­ket evolved from sig­na­ture-based prod­ucts to behav­ioral analy­sis tech­nolo­gies. And now Perime­terX and its rivals are fol­low­ing that same path by design­ing sys­tems that assess the behav­iors of cod­ing that reach­es web browsers.

For more on ThirdCertainty’s con­ver­sa­tion with Iluz and Safru­ti, please give a lis­ten to our podcast.

More sto­ries relat­ed to bot­net and oth­er attacks:
As bot­nets break bound­aries, ban­ish­ing them requires new technology
Bat­tle over bank­ing bot­nets still hasn’t been won
Despite pre­cau­tions, DDoS attacks becom­ing more dire, damaging