Freely subscribe to our NEWSLETTER

This morning at the Assises de la Sécurité, Bee Ware, the French editor of solutions for application security, has presented its security workshop « Web Application Security: Technical Expertise Versus Behavioral Approach », thus offering an innovation approach as regards software protection.

Usually based on technical analyze of threats, today’s application security tools force administrators to various time consuming jobs such as false positive treatment or patches set up to compensate 0-day.

To face these problems, Bee Ware, during its workshop, has presented its new security engine based on a contextual approach to the application environment: ACE (Agent-based Computational Environment).

The revolutionary approach of this security engine is based on its ability to distinguish the « normality » of a Web flow.

Relying indeed on various behavioral agents (the transmitter’s reputation, the usual use of the application, etc.), the ACE security engine associates to every entering flow 3 decision-making components allowing it to give a ruling on accepting or blocking the flow.

The component values which evaluate the knowledge, reliability and security of the treated requests evolve depending on the knowledge acquired over time by ACE. In this way this new security engine gains the ability to distinguish between a normal behavior and an attack aiming the information system.
In addition to the blocking of the 0-day exploits and the false-positive elimination, the ACE security engine is also able to reduce the attack surface of a malicious person, in real time.

Security policies already set up can in this way be refined or replaced depending on the threats encountered.

By reinforcing the security level and simplifying the administrators’ work, ACE puts an end to the ancestral duel existing between new attack emergences and counter-measures developed to answer them…