CymaticONE + VADR’s new features allow customers to protect their web properties from persistent attacks
Cymatic unveiled exciting new features to its client-side web application firewall, CymaticONE + VADR—the only WAF solution that combines client-side WAF defenses with a proprietary vulnerability, awareness, detection, and response (VADR) engine to deliver continuous in-session intelligence and cyber threat defense for users and applications.
Click. Click. Done. It’s that simple. CymaticONE + VADR installs at the client with a single line of JavaScript to combat modern-day cyber threats such as Magecart, cross-site scripting (XSS), code-injection attacks, session hijacking, account takeovers, credential stuffing, bot attacks, and poor user security hygiene.
“Analysts at a top research firm recently published that traditional WAF technology has failed to deliver on the promise to automatically enforce positive security models; we’re on a mission to reverse that trend and fulfill the promise,” said Cymatic Founder and President Paul Storm.
“Attacks like Magecart that steal credit card data from form fills during an online purchase are difficult to detect and thwart with existing security tools—which is worrisome when you consider that 98% of websites use forms to collect confidential information.
“In less than half an hour, we relieve that worry and allow our customers to better protect their web properties from even the most malicious and persistent attacks.”
Cymatic delivers capabilities unmatched by other web application security providers. Full end-to-end visibility identifies threats at page-load—before text and images render—to stop threats at the point of attack.
In addition to blocking application-based threats, intelligent remediation uses advanced AI- and ML-based controls to eliminate user-based risk such as poor security hygiene, device vulnerabilities, and browser/plug-in updates.
Additionally, detailed playbooks help organizations combat the OWASP Top 10, the CWE Top 25, and other growing attack scenarios with the easy configuration of active control settings.
“When you realize that the average website integrates third-party code from dozens of providers or code libraries, the need for instant, continuous script integrity and execution control becomes paramount,” said Jason Hollander, Cymatic founder and chief executive.
“Unlike signature-based solutions that rely on whitelisting and known threats, we deliver in-session streaming intelligence and defense to determine in real time if something or someone has compromised a session. Our client-side WAF + VADR is unique in its ability to stop untrusted scripts from listening and siphoning data from form fields on the fly.”
Customers who deploy CymaticONE enjoy:
- Market-leading vulnerability, awareness, detection, and response (VADR)
- Real-time OWASP Top 10 and CWE top 25 defense
- Compliance-driven risk and cyber health scores
- Privacy by design
- Intelligent threat blocking, containment, and remediation
- Agentless, cookieless protection
- Multi-tenant options to support multiple business units
- Forensic reporting and records
- Dynamic user remediation
- Board-level reporting, analytics, and trends
Importantly, Cymatic’s universal visibility and control deliver first-look, first-strike capability that is earliest in the attack kill chain. Cymatic leads the market with an advanced cloud-native architecture built on hundreds of microservices and nearly two dozen leading-edge components including Pulsar, Kubernetes, and Flink.