- Website: prevoty.com
- Company size (employees): 11-50
- Headquarters Region: North America
In 3 bullets, summarize why this company deserves recognition:
● Prevoty’s LANGSEC-based technology is a first-in-kind, unrivaled automated detection and threat mitigation mechanism that is far faster, simpler, and more accurate than traditional signature-based methods.
● LANGSEC fills a need that’s currently almost completely unaddressed. Aside from the absence of application security solutions that can non-disruptively mitigate problems in real-time in applications that are in production, here’s another proof point on the application security void: 40% of attacks coming through the application layer, but only 2% of current enterprise budgets are dedicated to protecting it. As we’ve seen over and over, perimeter defenses just aren’t effective. Prevoty takes an entirely separate approach from legacy firewalls, scanners, and penetration tests. LANGSEC is a new and highly effective methodology for application-layer ‘live defense’ that closes off the attack surface of deployed, in-production applications. It heals vulnerabilities in the application’s runtime behavior, and blocks exfiltration, prevalent scripting attacks, and more.
● Prevoty’s innovative, in-app mode of runtime security adapts to any language and deployment environment, opening the door to new insights in an increasingly programmed, software-driven world. It arms security teams with timely, proactive real-time intelligence about production application/database activities that they’ve never been able to see before. Most importantly, it automatically neutralizes threats at the application layer and dramatically improves vulnerability remediation efforts.
In less than 300 words, summarize the achievements of the company in the nominated category
The good news: the pace of business is quickening with the rise of Agile DevOps. The bad news: pre-production vulnerability mitigation can’t be done quickly enough to keep up with rapid application releases. Forensics and incident response for live threats against production applications is a major challenge: there’s no visibility whatsoever once an attack passes the network layer and breaks into the operating environment. Moreover, third-party and legacy code is often impossible to fix. These problems create an alarming exposure to risk at runtime.
Prevoty’s breakthrough LANGSEC language-theoretic application security engine is field-proven to secure enterprise applications at runtime and resolve these major enterprise applications vulnerabilities. It can automatically block web-based attacks in production without using unwieldy signatures or requiring code changes — a low-maintenance, high-performance approach that divided security and application development teams can both finally appreciate.
LANGSEC emerged from academia. Prevoty’s founders foresaw today’s challenges, namely that: a) signatures cannot keep up with an infinite number of patterns, b) statistically significant heuristics do not exist in an ever-changing DevSecOps world, and c) applications cannot perform data flow analysis in production without taking a performance hit. Prevoty’s LANGSEC is 30 times faster than perimeter methodologies, with a higher correct rate than scanners or tests. It reduces enterprises’ unending need to stay one step ahead of hackers with manual blocking.
The long-term impact on how we protect applications given increasingly continuous, high-velocity development will be lasting. Enterprises will no longer need to have previously seen a particular attack in order to defend against it. LANGSEC provides the full “who, what, where, when, and how” immediate insight on attacks being waged on an application, driving smarter event mitigation decisions. Reactive firefighting will subside, replaced by developers who are secure coding experts and security professionals that calculate runtime risk more accurately.