New behavior-based technology emerges to block bots

Web security service halts automated attacks that sneak past firewalls

Share on FacebookShare on Google+Tweet about this on TwitterShare on LinkedInEmail this to someonePrint this page

One of the hottest areas of cybersecurity innovation has to do with new approaches to stop botnet operators from infesting and leveraging web browsers. Cyber criminals have discovered web browsers to be an ideal vehicle for executing malicious files as unwitting employees surf the web from within a company’s network.

PerimeterX, which came out of stealth mode in April 2016, is one of the startups making hay in this emerging niche of cutting-edge browser security technologies. Others include Distil Networks, Shape Security and ShieldSquare. And established tech vendors, Akamai and Imperva, known for supplying web application firewalls (WAF,) are both making moves into browser security systems.

ed-note_perimeterxThirdCertainty recently sat down with PerimeterX co-founders Omri Iluz (above photo, left), who is the CEO, and Ido Safruti (above photo, right), the company’s CTO.

Related video: What you should know about battling botnets

With a U.S. base in San Mateo, California, and a research and engineering center in Tel Aviv, Israel, the company has secured $12.5 million in funding from companies including Vertex Ventures and Data Collect. Its main product is a web security service—PerimeterX Bot Defender—that protects websites and web applications from a wide range of threats.

Iluz and Safruti contend that the protection offered by WAFs is limited, since it relies on blacklisting traffic coming from known bad IP addresses. Bot Defender is designed to detect and stop automated threats by using what the company describes as “behavioral fingerprinting, browser-based” technology.

This innovation shifts detection of malicious activity from traffic moving through a firewall to “the last mile,” that is, the malicious coding that has slipped through the firewall and is executing on an individual employee’s browser.

Iluz and Safruti told ThirdCertainty that they saw how the anti-virus market evolved from signature-based products to behavioral analysis technologies. And now PerimeterX and its rivals are following that same path by designing systems that assess the behaviors of coding that reaches web browsers.

For more on ThirdCertainty’s conversation with Iluz and Safruti, please give a listen to our podcast.

More stories related to botnet and other attacks:
As botnets break boundaries, banishing them requires new technology
Battle over banking botnets still hasn’t been won
Despite precautions, DDoS attacks becoming more dire, damaging