Contact Us

CISO Series: Financial Aggregators - A Vehicle for Credential Exploitation?

By Michael Barrett on Jun 26, 2018 12:56:42 PM

If you’re familiar with Stealth Security, you’ll know that one of the first issues we tackled for customers was detecting and mitigating automated or ‘bot’ attacks against web applications. As an ex-CISO who struggled with these attacks, I wanted us to build tools that would focus on that initial problem. Since then, Stealth Security has expanded our product roadmap significantly and increased our scope to help customers extend protection to their whole environment, including mobile applications and APIs.

Topics: CISO Series
Continue Reading

JavaScript Injection- Good for Fraud Detection, Bad for Security

By Shreyans Mehta on Jun 18, 2018 2:24:00 PM

The wide availability of attack components on the dark and public web makes it easy even for novice cybercriminals to conduct a successful attack on a website, API, or mobile application. With automated, ‘bot’ traffic quickly eclipsing legitimate user activity at some organizations, IT security teams, along with fraud teams, are keen to implement defenses to detect automated attacks. The goals of these two teams are similar, but their approaches are markedly different.

Continue Reading

Is Stealth Security Cool? Gartner Thinks So.

By Ameya Talwalkar on Jun 4, 2018 2:31:00 PM

Last month Gartner announced its list of ‘Cool Vendors in Application and Data Security, 2018’ and highlighted Stealth Security for being innovative, impactful, and intriguing in the application and data security space. It’s a good feeling not only to be recognized for our innovation but also to see the realities and challenges of bot detection and mitigation highlighted by industry thought leaders.

Topics: News
Continue Reading

Why I Joined Stealth Security

By Larry Link on May 4, 2018 11:23:28 AM

I’m extremely excited to join the Stealth Security team as its new President and CEO. At a time when attacks against online applications are both growing and evolving rapidly, some of the world’s most recognized financial institutions and retailers already rely on Stealth Security’s groundbreaking application security platform to protect their infrastructure and their customers’ data.

Topics: News
Continue Reading

Connect with Stealth Security at MRC

By Stealth Security Team on Mar 19, 2018 2:16:11 PM

With the explosive growth of bots and other automated cyberattacks, it's more difficult than ever for fraud teams to discern between human web interactions and bot activity. For organizations conducting business online, detecting and mitigating automated cyberattacks and unwanted traffic is critical to reducing risk and their fraud team's workload so they can focus on preventing fraud, not on bots. 

Topics: Blog Post Events
Continue Reading

Machine Learning for catching attackers

By Seiji Armstrong on Dec 11, 2017 6:16:00 PM

Hackers use smart tools these days. There is a growing breed of attacks that routinely bypass the web application firewall (WAF), the first line of defence at most internet sites. These attacks appear legitimate to a WAF. So how do you catch a sophisticated web attacker posing as a legitimate client? One answer is to look for inconsistencies in their story.

Continue Reading

Come see us at Botconf17

By Stealth Security Team on Dec 6, 2017 2:41:00 PM

Going to Botconf 2017? Come hear William Glazier present research conducted with Mayank Dhiman. Learn how attackers are using stolen credential leaks, black market toolkits and massively scalable infrastructure to launch automated attacks at scale.
Topics: Events Bots
Continue Reading

CIOReview names Stealth Security among the Top 20 Most Promising App DDoS Solution providers of 2017.

By Stealth Security Team on Oct 31, 2017 2:50:00 PM

"The majority of today’s Distributed Denial of Service (DDoS) attacks are merely a smokescreen, designed not to deny service but to distract from the real motive — usually data theft and network infiltration. In addition to service outages, latency and downtime, short attacks allow cyber criminals to test for vulnerabilities within a network and monitor the success of new methods without being detected."

Continue Reading

OFX: The Next Battleground

By Mayank Dhiman on Sep 12, 2017 7:10:00 PM

OFX (Open Financial Exchange) is an XML based protocol which essentially behaves like an API and enables the exchange of financial information between interested parties. This API has been around since 1997 and is usually used to pull financial information by "aggregators" or client-side software. Common examples include Quickbooks, GnuCash, and Microsoft Money. This API sits on top of HTTP and the communications are always encrypted using TLS. 

Continue Reading

Breaking Bots : the Good, the Bad and the Unwanted

By Stealth Security Team on Sep 7, 2017 2:46:00 PM

Not all bot traffic on your website is bad. Blindly blocking all bot traffic can lead to loss of revenue and bad customer experience. Watch this talk by our CTO and Co-founder Shreyans Mehta at nginx.conf 17 and learn how to break up bots based on intent.
Topics: NGINX Events
Continue Reading