We’re pleased to announce our investment in Prevoty. Located in Santa Monica, CA, Prevoty is building a web application security platform that protects against targeted code injection attacks.
Traditionally, security has been handled at the network layer with a one-size-fits-all approach that attempts to detect and remediate all threats. However, commonly used firewalls and web application firewalls have two major flaws:
- Since they rely on historical attack data and outdated rule sets to recognize and block incoming threats, they cannot detect new and modified attacks.
- These security solutions sit outside of the web application and cannot contextualize the objectives of the data passing through and how users are interacting with the application.
A constant stream of destructive web application layer attacks regularly compromise major websites, resulting in identity theft, malware and botting, information breaches, and/or brand defacement. In 2013 alone, NBC, LinkedIn, Yahoo, The Pentagon, LivingSocial, Toyota and Tumblr were all victims of code injection attacks.
Prevoty is a cloud-based security company protecting an organization’s internal and external web application environment and its three main components: the network, the database, and the application.
Prevoty’s security modules are built within the contexts of each main component and are thus uniquely positioned to handle threats native to each context – from cross-site scripting (XSS) and cross-site request forgery (XSRF) to SQL injections, brute force, and DDoS attacks.
Their technology does not rely on past definitions, signatures, or blacklists. Instead, it understands how content will be presented to users or saved to the database (before it actually does) and determines whether content being handled by an application is safe.
Prevoty has an all-star team which includes co-founders Kunal Anand and Julien Bellanger. Kunal is the former director of technology at the BBC who has held lead security and software engineering positions at MySpace and NASA. Julien is an entrepreneur with extensive technology B2B business development experience.
Security prevention and detection solutions like the ones offered by the team at Prevoty are especially timely given the increase in volume and complexity of recent attacks. Attacks have become so prevalent that government proposed regulations requiring companies to disclose when they’ve been hacked or suffered a data breach (US, Europe) are becoming common.
Prevoty’s goal is to provide value beyond the one-size-fits-all security box, giving users flexible configuration options and actionable insights. Their technology can protect a variety of businesses and organizations (including e-commerce sites, media companies, government entities, and banking institutions) as well as the everyday blogger or content publisher.
Prevoty’s products can either be cloud-based or deployed as virtual machines in the customer environment, and can work in tandem with existing security suites to add a crucial layer of protection.
If you are a site administrator interested in protecting your web application, sign up for or live-test their product at https://www.prevoty.com/smartfilter.
If you are a WordPress blogger, prevent code-injections without limiting user engagement and dynamic content by downloading Prevoty’s security plugin at http://www.wordpress.org/plugins/smartfilter.