Protecting from known and unknown attacks
Detect and block attacks such as the OWASP API & Web Top 10 attacks, business logic attacks, the latest Log4j/Log4shell related attacks, and other known and unknown attacks. Because we protect with AI-first technology, our self-learning AI makes sure that we detect and block even the most sophisticated API business logic attacks with minimal to no false positives.
Company: The company handles money exchange online and provides big data analytics of expenditures
Role: VP Engineering
Like everyone in the tech industry, was facing the Log4j vulnerability (Log4shell) crisis and quickly needed to make sure that the organization applications were secured from this far-reaching and high criticality vulnerability. The organization used node.js in the front-end so wasn’t vulnerable there, but on looking found unexpected Java-based services internally, including a legacy reporting server that they no longer were getting vendor updates for.
With Traceable already being used in their environment, they were delighted to see how it could help.
Traceable AI was able to give the organization full protection from the Log4j related exploits due to a few characteristics of Traceable AI’s Protection capabilities
Flexible deployment options – Traceable can be deployed in a wide variety of configurations and environments, making it as simple as possible to fit Traceable into an application landscape precisely and only where needed, with minimal disruption, which is important when already dealing with a major disruption like Log4Shell.
Log4j exploit detection and blocking –Traceable Protection is able to detect and block many known and unknown attacks, including the new attacks based on the Log4J vulnerabilities.
In-app virtual patching – With the in-app agent Traceable can see and selectively block calls to any specified API endpoints
How Traceable AI helped
Quick and simple Log4J protection – Although the organization application is primarily not written in Java, they knew about a legacy reporting server that was running Java and was vulnerable. However, they no longer could get support on the reporting server so Traceable provided quick and painless Log4J protection by installing onto a proxy in front of it.
Finding hidden risks – Using the Security Events list in Traceable, the organization was able to find a few more system components that were vulnerable to Log4J related attacks. Remember, they weren’t Java users so thought they were safe.
Inoculation against more than just Log4J – For the discovered vulnerable system components, the organization opted to use Traceable’s in-app agent, which was added on without code changes and provided protection against Log4J exploits at the API call level. This means that typical methods that bypass signature-based solutions would still get caught and blocked. Additionally, installing the in-app protection also will protect these components from future unknown attacks, as the log4j exploit variants continue to evolve.
Customer value in technical, business, and ROI/financial terms
Saving of time and effort of costly technical staff – Because Traceable was able to so easily and quickly find the log4J vulnerable software and provide complete protection from the Log4J related exploits, the organization technical staff were able to minimize their time wasted on this crisis and stay focused on providing value to their customers and the business.