We live in a world under constant cyber threat. Everything is now interconnected, and nearly every business and organization depends on applications for their critical operations.
So, it's rich pickings for those looking to exploit application and API weaknesses and vulnerabilities. The threat landscape has increased at a frightening speed. We've moved beyond merely dealing with basic threats, to countering highly advanced and persistent attacks.
But how bad are things, really?
The speed of war, and the race to remediate
To paraphrase Kenna Security's Prioritization to Prediction report, it's evident that most organizations find keeping up with remediating is hard work. But it's equally apparent that cyber criminals are moving faster than ever before.
And we agree.
Until recently, we've been saying that the speed of war is two weeks - based on Kenna Security research saying that 50% of exploit code was published within two weeks of the publication of a common vulnerability and exposure (CVE).
Well, that's old news. Now, say Kenna, over 50% of vulnerabilities (known to be exploited in the wild) already have code available to exploit them within a day of publication. One month after a CVE is published, 75% have been weaponized. So, the speed of war is now less than one day.
The race starts when the CVE is reserved, not published. And this is typically three months before the patch is even made available.
The state of play according to Kenna Security research
of vulnerabilities already have code available to exploit them within a day of publication
of vulnerabilities have been weaponized one month after CVE is published
What is shielding?
Web Application Shields are code designed to fix an otherwise exploitable vulnerability in an application.
When an application vulnerability is identified, our engineers determine the triggering event or events in the application traffic flow. They then develop a shield that triggers on the event. Our team have been doing this for years and now we have a library of over 14000 shields ready to go. So if you identify a vulnerability, we are likely to already have the shield ready and can deploy immediately.
The shields are built to modify or transform requests and responses in the traffic flow. They either make the vulnerability undiscoverable or nullify the associated exploit.
And best of all, it's all done without touching your underlying application code. In fact, access to the code isn't even required, so shields can work for applications written by a third-party, frameworks, and hosting platforms.
Our shield library
Attacks mitigated by shields
What are the benefits of shielding?
Shielding addresses two of the biggest challenges your organization will face. Dealing with a lack of resources and countering a rapidly expanding attack surface.