March 01, 2010
Starts and $19.95 per month
XyberShield combats web application attacks, such as SQL injection or cross-site scripting, by using a form of behavior profiling called XyberFrames. This, by the way, is another up-and-coming product/service that uses software-as-a-service (SaaS) as a delivery method in cooperation with local ISPs. You create application protection rules and XyberShield protects your web applications - with 55 detection points in 22 countries, comprising multiple ISPs in each location. The company has very good global coverage.
These detection points, or "Shield Points," are located at tactical operations centers and they constantly are monitoring activity against web apps in their areas. As new behavior patterns emerge, they are characterized into XyberFrames and added to the malicious profile collection. Now, all similar applications at all XyberShield customers are protected against that particular type of behavior.
We liked this service because it is comprehensive within its niche and because of its innovative way of delivering protection. In fact, the company claims to monitor over one million web sessions per month. MARSYS, the parent company, developed XyberShield as a response to internal requirements and expanded it into a generally available service. We tend to like that approach because it tells us that the product or service solves a genuine problem and that at some point in its lifecycle it was used successfully by its developer. XyberShield is one of those interesting answers to a genuine problem.
One thing we noted with all of these innovators was the increasing use of behavioral profiling to protect targets. This works today because we have the technology to collect huge amounts of data globally, analyze the data and extract useful information that can then be used to protect those targets.
Cost: Starts at $99.95 per month.
The problem it solves: Attacks against web applications.
What we liked: Credible behavior profiling turned to target protection.
What we didn't like: I would like to see more shield points in Asia, India and South America. These areas are huge sources of attacks.
Sign up to our newsletters
SC Magazine Articles
- Study: 86 percent of websites contain at least one 'serious' vulnerability
- CareFirst BlueCross BlueShield breached, more than one million individuals notified
- Report: $19M breach settlement between MasterCard, Target terminated
- Logjam attack exposes data passed over TLS connections
- Google releases Chrome 43, addresses 37 bugs
- Hackers exploit Starbucks auto-reload feature to steal from customers
- Study: Nearly all SAP systems remain unpatched and vulnerable to attacks
- Android ransomware distributed to English speakers in spam campaign
- Former Nuclear Regulatory Commission employee arrested for alleged spear phishing campaign
- Millions of WordPress websites vulnerable to XSS bug
- Study: Average cost of data breach is $6.5M
- Data acquired from non-IRS sources enabled access to 100K taxpayer accounts
- Ransomware threat 'Locker' has sleeper component
- Beacon Health System notifies patients of possible data compromise
- Data security in the 21st century: Essentials of solid protection