Cequence Security announces application security platform to stop bot attacks

Cequence Security released Cequence ASP, an application security platform that provides a scalable defense against the growing number of bot attacks affecting today’s hyper-connected organizations. These financially-motivated attacks target externally-facing web and mobile apps, as well as API services that provide connections to other applications across their digital ecosystem. Attack objectives can include account takeover, content scraping, distributed denial of service, and much more.

“From a bad actor’s perspective, geo-distributed bot attacks are relatively easy to plan and execute,” said Larry Link, President and CEO of Cequence Security. “For that reason, malicious bots are becoming the new #1 attack threat facing every organization that leverages web, mobile, and API apps for business processes and customer engagement. Cequence ASP effectively empowers customers to stop these attacks.”

Cequence ASP was built not only as a distributed, extensible, open software platform, but also as automated solution leveraging a patent-pending analytics engine (CQAI), which combines applied artificial intelligence, machine learning, and behavioral analysis to deliver three key values to customers:

  • Discover – The solution discovers all web, mobile, and API applications deployed across the entire organization, providing insight into assets that must be protected.
  • Detect – Metadata from client-server traffic flowing across the organization is continuously ingested, correlated, and analyzed in real time by the CQAI engine to determine the source, target, and intent of potentially malicious attacks.
  • Defend – Once an attack is confirmed, Cequence ASP can immediately and automatically end the attack by applying multiple policy-based mitigation techniques, including blocking, deception, rate limiting, and more.

“These automation capabilities deliver important bot defense values, but we also wanted to focus on improving the productivity of IT security teams,” explained Shreyans Mehta, CTO and co-founder of Cequence Security. “The CQAI engine helps improve productivity, but we’ve also eliminated the tedious, time-consuming task of dealing with JavaScript injections and SDK modifications for each web and mobile application. This outdated process is still a requirement of first-generation bot defense products and can waste hundreds of staff hours each year. We’ve restored that lost productivity.”

Because Cequence ASP is an open, distributed software platform, it offers other benefits to customers:

  • Flexible deployment – The Cequence solution can be deployed on premise or in the cloud, across any number of locations, and still be managed as a single application security platform.
  • Architecture integration – The open APIs within the Cequence platform make it easy to exchange relevant data with SIEMs, WAFs, anti-fraud systems and other devices, and integrate with a customer’s security operations and incident response processes.
  • Fast time-to-value – Rapid deployment options, combined with automated application discovery, zero-touch application configuration, and CQAI automated analytics, collectively help minimize operational complexity and accelerate time-to-value for customers.

Cequence Security has already deployed its platform in the production environments at several Internet-powered organizations, including a Fortune 100 multinational financial services corporation and a Fortune 500 cosmetics retailer. “We’re very pleased with our early market recognition, traction, and the fact that well-known brands are trusting us to protect their businesses from these disruptive and costly attacks,” added Larry Link.

In 2019, Cequence Security plans to expand the capabilities of its ASP platform and go beyond its initial focus on defense against automated bot attacks. “The core functionality of the platform – including the CQAI engine – is already in place,” explained Ameya Talwalkar, Chief Product Officer and co-founder of Cequence Security.

“Moving forward, we plan to deliver multiple new security service modules that customers want to have consolidated within our platform. Many of these are already in development, but we will announce them in early 2019 once they are available for deployment.”

More about

Don't miss