Dynamic Security

BitSensor is a cloud-based Software as a Service (SaaS) or on-premise solution protecting web applications against security vulnerabilities using realtime blocking and visual insight.

Right now it takes companies 9 months, on average, before they even know that they have been hacked, let alone before they can protect themselves. 

BitSensor changes this to 50 milliseconds. 

Right now it takes companies 9 months, on average, before they even know that they have been hacked, let alone before they can protect themselves. 

BitSensor changes this to 50 milliseconds. 

Legislation is changing rapidly in response to a digital world. This requires organisations to comply with privacy and data leakage regulations such as PCI, Data Breach Notification Obligation (Meldplicht Datalekken) and the General Data Protection Regulation. Not only do most European governments require strong security enforcement, customers also expect and demand an effective security strategy. Breaches that result in leakage of sensitive, financial or personal information are simply not accepted anymore.

At the same time, organisations need to innovate faster and are moving towards DevOps and continuous delivery strategies with high-frequency releases. Security teams can only audit so often, so how to ensure security at all times while applications and services are changing at an increasing pace?

Legislation requires organisations to comply with privacy and data leakage regulations such as PCI, Data Breach Notification Obligation (Meldplicht Datalekken) and the General Data Protection Regulation. Breaches that result in leakage of sensitive, financial or personal information are simply not accepted anymore.

At the same time, organisations need to innovate faster and are moving towards DevOps and continuous delivery strategies with high-frequency releases. Security teams can only audit so often, so how to ensure security at all times while applications and services are changing at an increasing pace?

Attacker Profiling

WAF

The Web Application Firewall is the preceding technology to BitSensor's in-application security approach. 

WAF technology act's as a shell around the application, inspecting only HTTP traffic. Skilled attackers now this, and use this fact to obfuscate attacks. The second pitfall of the WAF is that is has no memory of past attacks, letting giving attackers a second change. Or a third, fourth, fifth... Attackers abuse this to eventually bypass the WAF altogether. 

Incident Response analysts should see these attempt, in reality the analysts are often overloaded with false positives of the WAF, leading to highly sensitive events that are ignored. 

VS

BitSensor

Meet Igor, a skilled but underpaid Russian hacker. Igor knows most developers are not security professionals as he is, and looks for a companies applications. After doing reconnaissance on the website, he finds the application's login page where he gets trough using a brute force attack. He discovers a page where he could execute an command injection attack, and now has access to all users confidential data. 

BitSensor instruments the application from the inside, providing insights with code level accuracy. During the attack it has captured the usernames, session ID’s, email addresses, IP addresses and the hacking tools that were used. Using this data BitSensor responded as a sniper, isolating Igor to a sand-boxed environment while leaving other users untouched.


An insightful demo


  • Production Grade

    DDoS and fail open were issues for IDS technology, affecting the protected application when under attack. BitSensor in-application plugin runs on a separate thread and is processing millions of requests in production environments.

  • No Latency

    The in-application dependency instruments the application asynchronously. This means 0 ms added latency.

  • Instant Response

    The correlation engine of BitSensor Application SIEM reduces analyst time by 80%.

    Analysts are tired by the false positve rates of IDS. BitSensor correlates attacker profiles to only alert on high severity attacks.

  • 5 min. integration

    Deployment into an application will take your developer 5 minutes, and won't require specialized consultants.

    Deployment into an application will take your developer 5 minutes, traditionally this took two weeks.

    The in-application brings the two weeks of consulting time down to 5 minutes, freeing time for the developer to work on features.

  • Sniper Response

    BitSensor also monitors good traffic, diffrentiating agains the key attacker attributes.

    BitSensor acts as a sniper, affecting only the attacker while leaving the users of your business untouched.

    BitSensor will block on the key attributes of the attacker, leaving the users of your business untouched.

    Create hacker profiles through our advanced big data correlation engine.

  • Compliancy

    GDPR requires response in 72 hours. BitSensor responds in 50 milliseconds.

    GDPR and Meldplicht Datalekken requires response in 72 hours. BitSensor responds in 50 milliseconds.

    Currently it takes companies 9 months on average to respond to a data leakage. This is incompliant with GDPR and Meldplicht Datalekken.

Architecture Overiew

BitSensor In The News