Signal Sciences announced its new Network Learning Exchange (NLX) and Power Rules offerings. The new capabilities offer a network data feed of confirmed threats to provide warning to other Signal Sciences customers and an user-interface to define, monitor and take action on any web application or API transaction.
Signal Sciences NLX is the web application attack feed that informs enterprise customers of suspicious traffic from sources that have been confirmed to be malicious elsewhere.
Power Rules helps broaden the capabilities for enterprises to see and stop attacks beyond OWASP injection, which has been the focus of legacy WAF and RASP tools.
Using Network Learning Exchange together with Power Rules enables security teams to auto-alert and block on network intelligence from Signal Sciences NLX to ensure protection.
Set-up and maintenance also frees security, DevOps, and development teams from the need to hire additional resources, which is key in today’s tight cybersecurity skills market.
According to a 2017 CSA (cloud security alliance) survey, 40.4 percent of respondents say that the alerts they receive lack actionable intelligence to investigate. Another 31.9 percent report that they ignore alerts due to the sheer number of false positives. In addition, existing peer-to-peer signature exchanges only result in more irrelevant alerts that cause false positives.
“With NLX and Power Rules, Signal Sciences continues to innovate in the WAF market which hasn’t seen meaningful advances either by incumbents or through technology acquisition. For example, Gartner continues to identify weak analytics and efficacy from legacy WAF, especially amidst the rapid adoption of multi/hybrid cloud and DevOps. Today, Signal Sciences sees more than 150 billion requests weekly and with NLX, we’ve created a resilient, protective layer that uses that data to continually advance our detection intelligence. The result is 95% of our customers have blocking mode enabled on their production sites,” said Andrew Peterson, CEO of Signal Sciences.
“With Power Rules, enterprises can see beyond basic OWASP injection attacks and focus on the traffic that could be harming their business – something they didn’t have before.”
“Our customers have the benefit of the foundation we’ve built through working with large brands and dealing with the ever changing and growing levels of traffic that we see daily,” added Peterson.
“They get that added and unprecedented bonus of leveraging intelligence from their peers for better protection to help defend against the 41% of successful breaches Verizon tells us are occurring through web applications today.”
More about Network Learning Exchange (NLX)
Network Learning Exchange (NLX) recognizes attack patterns across Signal Sciences’ customer network to alert and defend other enterprise web applications and APIs.
Unlike other solutions, Signal Sciences NLX offers intelligence from trusted sources since Signal Sciences is used in blocking mode with 95% of its customers across the most common attack types using its proprietary SmartParse technology.
NLX eliminates the need to send signatures that can cause false positives. Instead, NLX delivers alerts when confirmed malicious sources are present on a customer’s website.
More about Power Rules
Power Rules provides platform for achieving business logic protection, negating the need for point security solutions around account takeover, fraud, bots and others. This includes application and feature abuse and misuse, bad bots, virtual patching for CVEs, and more.
With Power Rules, security and DevOps teams can start by defining signals using the user interface in the console to gain visibility, then trigger automated actions using those signals, and augment agent detections with customer-sourced lists of IPs, user agents, and other sources. There are no regexes to tune and no rules or scripting language to learn or manage.