Organised cyber-crime is the most frequent threat actor for web application attacks, and attacks like SQL injection grew 150% in 2015. Your web-facing infrastructure and custom applications are being targeted daily.



Web applications are particularly attractive to attackers because compromising them often yields a direct foothold in the data-center. Additionally, custom application code is usually not of the same quality as commercial off-the-shelf software, making it easier to find vulnerabilities in the business applications most large organisations build in-house.


Signature-based solutions such as web-application firewalls can detect typical syntactical vulnerabilities, but business logic flaws and custom attacks are far more difficult to detect. An attacker incrementing a numeric parameter or toggling a boolean value in the application may cause security issues that these solutions do not flag.


The current approach of relying on web-application security audits and code-reviews can only go so far. Applications change regularly, and depending on security or QA staff to think of and test all possible vulnerable conditions makes for an extremely time-consuming and low-coverage security control.


Until the day developers write perfect code, these flaws will continue to be a regular source of compromise. More than ever, companies need a solution that can detect the intent of an attacker who is targeting their web presence.

How does deception technology detect web-application attacks?

IllusionBLACK’s WebDeflect feature detects manual and automated web-application attacks using deception. Here’s how it can help protect your applications:


  • Reveal attempted business logic manipulation
  • Attribute attacks to application users / sessions
  • Customise response mechanisms and deflection
  • Integrate with web or mobile applications


