ColorTokens Xsecure for Application Security

Additional Info

CompanyColorTokens Inc.
Company size (employees)100 to 499
Type of solutionSoftware


ColorTokens Xsecure takes a holistic security approach by protecting applications and data from perimeter attacks, internal threats and vulnerabilities. It protects applications from top Open Web Application Security Project (OWASP) attacks and open source software vulnerabilities.

The solution addresses critical application security considerations that help security leaders and  application teams achieve proactive security:

Application visibility & insights
Get a complete map of data destinations and correlates these destinations against the incident. Security & risk teams can answer 4 W (What? When? Where? Who?) and deliver efficient remediation.

Real time attack protection
Out of box protection against top 10 OWASP attacks such as SQL injection, file path manipulation, dangerous file upload, command injection, cross-site scripting, and XXE Injection.

Open source vulnerability protection
Automatic virtual patching to protect for open source vulnerabilities such as Apache Struts 2 vulnerability for instrumented processes and applications.

Multi-language support
Agent can be used on applications built using Java, and other languages slated for support – Python, .NET, Nodejs and PHP.

Runtime application self protection
Since the agent’s binary is inside the application, our technology automatically adapts to changes made to the app on a real-time basis.

Distributed protection
Protect applications from all directions – perimeter attacks, internal threats, and potential abuse between application processes itself.

Ease of deployment
Easily embed into the applications without making any code changes or configurations. It can run on a variety of environments such as bare metal servers, vm’s, container-based architecture or even serverless.

With Xsecure companies can understand:
– What are the attack that is taking place and the data that can get compromised
– Which code was leveraged for the attack
– Who is the attacker and which application, vulnerability is being used
– When the attack took place

How we are different

Xsecure automatically identifies the crown jewels of your application that where your sensitive data is, and who is accessing what data and where the user is coming from. It identifies what components are being used in your application and what you need to protect or keep an eye on.

Xsecure provides you a substantial amount of information with end to end visibility regarding your infra components and about the data flowing in your application. It automatically exfiltrates the data in your application. It shows an API level illumination with top users coming from which input API and landing to what data destinations in your application.

Xsecure provides out of the box protection from OWASP top 10, where we report and block these malicious payloads in runtime and provides all the problem-solving details like What, Where, Who, When. It also provides complete protection against the insider threat.