TMCnet News
Arxan Launches Advanced Protection For Client-Side Web AppsSAN FRANCISCO, Sept. 13, 2018 /PRNewswire/ -- Arxan Technologies, the trusted provider of application protection solutions, announced today the launch of Arxan for Web, the latest enhancement to its industry-leading protection solution for client-side web apps. Enabling organizations to defend against server side (API) attacks and credential theft, Arxan for Web is easily deployed and provides a multi-layered defensive approach including:
The continued increase in global data breaches significantly affects business performance, costing an average of $3.86 million in a single breach.1 And a particularly sharp increase in API-based attacks is anticipated. According to Gartner: "by 2022, API abuses will be the most frequent attack vector, resulting in data breaches for enterprise web applications."2 The rise in client-side threats makes timely, proactive threat response even more critical. "Arxan for Web now provides organizations real-time threat reporting, which means they can respond to threats before attacks can get through APIs to backend systems," says Joe Sander, CEO, Arxan. "We're enabling a closed loop security process between code deployment, early stage client-side attacks, detection and remediation, and preventing the compromise of critical back office systems and assets." According to OWASP, JavaScript has become the predominant web language. At the same time, OWASP reports that Cross Site Scripting (XSS) – a client-side attack that hijacks browser sessions in order to steal credentials, redirect traffic to malicious sites, or deface websites – is one of the top application security risks. Browsers have been attempting to combat Cross Site Scripting attacks for years, something that Arxan for Web can now defend againstand report the attack back to risk management systems. "JavaScript is an incredibly powerful language, but it also has one defining flaw in regard to security: JavaScript code is interpreted at runtime. This means that virtually everyone who downloads JavaScript-based software will have full access to the code that drives it," says Rusty Carter, vice president of product management, Arxan. "Security teams traditionally focused their resources on perimeter security, everything that runs behind the firewall. If you're deploying web apps, especially in financial services, e-commerce, gaming or digital media, the attacks that will get through that perimeter start on the client side, hours, days or weeks before any suspicious interaction with the perimeter." OWASP research also shows that insufficient logging and monitoring is a primary security concern, noting that the time it takes most organizations to detect a breach is far too long to adequately address the threat until it's too late: "most breach studies show time to detect a breach is over 200 days, typically detected by external parties rather than internal processes or monitoring. Exploitation of insufficient logging and monitoring is the bedrock of nearly every major incident. Attackers rely on the lack of monitoring and timely response to achieve their goals without being detected." Arxan Threat Analytics provides much-needed visibility into the security posture of applications by giving organizations timely data and intelligence to stay in front of evolving threats to any web app deployed in the wild. For example, if a debugger is plugged into a web app, Arxan will immediately alert the organization to that activity. Arxan's most recent addition to its executive team, senior vice president of engineering Krish (Krishnakumar) Kalkiraj adds, "Protecting the client side and providing organizations early warning of imminent threats when bad actors are in the exploration phase is groundbreaking. This kind of forward-thinking innovation that has a real impact on global businesses — and that is what drew me to join the Arxan team." Kalkiraj, will be leading the continued development of Arxan for Web and Threat Analytics in addition to Arxan's portfolio of application, code and key protection technologies. Kalkiraj is a technology leader with leadership experience at companies such as Intuit, PTC and ThreatMetrix. He is recognized for the depth of his technical expertise, his holistic view of product development, and his support for cross-functional teams working together toward a common goal. For more information about Arxan for Web please visit: https://www.arxan.com/application-protection/web 1 https://www.ibm.com/security/data-breach About Arxan Technologies View original content to download multimedia:http://www.prnewswire.com/news-releases/arxan-launches-advanced-protection-for-client-side-web-apps-300712212.html SOURCE Arxan |