Organizations have focused security efforts on protecting the network perimeter with firewalls and IDS.
However, recently some of the most damaging breaches at major banks and healthcare entities started at the application layer.
Founded and led by IT security industry luminary Dr. Stuart Staniford, Cayuga Networks is emerging from stealth mode to deliver next-gen web application protection.
Cayuga’s industry-first solution, Decisis™, transforms web application security by applying advanced detection algorithms, active engagement, real-time forensics and human risk determination to detect attacks that would otherwise go undetected today.
Former FireEye chief scientist Dr. Staniford has created a machine/human fusion approach to protecting web applications that solves the significant problem of alert overload.
Cayuga’s expert team analyzes threats to deliver only alerts that matter – when bad guys notice exposed vulnerabilities.
These capabilities enable enterprise security teams to avoid alert fatigue and focus on critical and credible high-risk attacks where it matters the most: defending business-critical data and applications.
(Hear from with Cayuga Networks CEO Stuart Staniford, courtesy of John Jeffries and Vimeo)
- Guarantees no false positives: Unlike other security solutions, the Decisis Managed Threat Detection Service delivers only actionable alarms of critical, imminent threats.
- Delivers deeper defense and broader visibility than WAFs or RASPs at speeds up to 10 Gbs: By tracking dozens of indicators of attack in real time, at web scale and with multiple algorithms, the solution aggregates suspicious events via machine learning and automatically determines if they merit further investigation at up to 10 Gbs per second.
- Detects hidden attack code with code flow analysis: The solution uncovers inbound code, which is typically bad and often obfuscated, to determine if it represents valid code, as well as the language it is written in. Another unique differentiator is that it uses a combination of automated and human risk determination to catch zero-day attacks in detonation chambers.
- Machine/human fusion: Cayuga security experts monitor the detection server, investigate anomalies and evaluate the risks associated with such anomalies. These experienced threat analysts use custom-tailored tools to examine high-risk attacks and activate them in a virtual environment. Fused machine/human attack cognition achieves faster, deeper attack reports.
“Research universities are particularly difficult to secure and are under constant attack, commented Wyman Miles, CISO at Cornell University.
“Cayuga Networks has enabled Cornell University to improve web application security by notifying us when one of our thousands of web servers is being successfully probed or attacked.”
“False alarms from application security tools are annoying, but more importantly they prevent security teams from prioritizing the most significant vulnerabilities.
“When Dr. Staniford’s team deployed the Decisis pilot at Cornell 18 months ago, we were excited to see the results.”
“Today when Decisis alerts us, we know that the alarm is actionable and we are able to help site owners quickly take appropriate steps.”
“The gap between application security needs and available technology is huge,” said Maurice Stebila, CISO of Harman International.
This AppSec Gap creates a major blind spot, exposing enterprises to very real and present cyber dangers. At Harman, we work with security innovators to help us stay one step in front of the today’s agile adversaries.”
“The web has become a big vulnerability playground for nefarious actors to take advantage of the gap in application security,” stated Dr. Stuart Staniford, Cayuga founder and CEO.
“Alarm fatigue, a shortage of cybersecurity professionals and a diverse and legacy web infrastructure led to a pervasive problem.”
“When we set out to develop this product almost three years ago, we knew we needed to focus on these very real pain points, and today our next-gen web application protection solution is able to detect suspicious indicators and behavior in web traffic while solving the issue of alarm fatigue.”
Cayuga Networks is the world’s first web application protection company that fuses machine learning with human cognition to detect attacks that would otherwise go undetected.
Its Decisis™ Next Generation AppSec appliance is transforming web application security by applying advanced detection algorithms, active engagement, real-time forensics and human risk determination.
Founded by industry luminary Dr. Stuart Staniford, who has over two decades of experience as an entrepreneur, researcher and product developer in Internet security, Cayuga is funded by Alsop Louie Partners and Cayuga Ventures. Additional information is available at www.cayuganetworks.com.