The “Iron Dome” of Web Services

“We are here to protect our clients. We know their pain and we are aware that they are constantly under attack, without even one second of respite. We also know that using our services greatly reduces their headache. They can always trust us to guard their services and servers in the best way possible”.

The above was said by Ziv Oren, CEO of Reblaze, established 11 years ago by Eyal Hayardeny and Tzury Bar Yochay to protect web services – sites, apps, and APIs – exposed to attacks in the chaotic cyber arena.

“One of our first employees defined what we do as the 'Iron Dome' of web services”, recalls Oren. “We provide our clients with an advanced cyber platform, and, if needed, manage for them the entirety of their web service security aspects, serving as an extension of sorts of the organization’s information security team. This way, we solve several problems for them. Primarily: the security problem itself. The security threat to organizations is vast and rapidly growing. The dangers are many and come from varied directions: intrusion from inside and outside, intrusion through web services, internal employees, contract employees and sometimes a third party they are working with. The information security manager must answer all these aspects, and this is a vast range of work – and thus a problem. The budget is finite as well and there is very limited manpower. Thus, the ability to recruit cyber experts is quite limited”.

An holistic approach providing powerful capabilities
To fill this vacuum, the company developed an advanced platform permitting the monitoring of each request reaching the web app, understanding if it behaves normally, whether this is a human user or a bot, whether it comes from where it is supposed to come, and whether its behavioral flow is normal. “Analyzing these parameters allows us to deduce if the request if legitimate or not – and thus protect against an applicative attack”, clarifies Oren. “We identify exposure to weaknesses permitting intrusion and taking the system online and become the client’s filter. Anyone visiting their site will go through us, and we will ensue that they will do only what our client permits them to do”.

When a DDOS attack arrives at mass, for example?
“We know how to scale out and filter traffic before it hits the infrastructures and client systems. When a user tries to access the service, it goes through us, and only after we decide this is a valid query – we pass it to the client. Thus, we are gateway, the gatekeeper for traffic. We ensure that only legitimate traffic reaches the server.”.

And in work vs. bots?
"Today there is much use of malicious bots, from data theft to identity theft. An holistic approch provides powerful capabilities, such as managing the clients’ web traffic in a deep manner and protecting it. Specific rules can be established for a field, define the countries traffic is supposed to come from, and so on. It is particularly relevant for bots: the system can identify human and non-human traffic and restrict it. So, we provide tools to the organization to manage and secure the web traffic. We provide a defense system which can sometimes cover for existing web app weaknesses”.

A tailor-made system
Reblaze was established in 2011. Oren joined the company two years ago, after a long high-tech and cyber career. As a soldier and officer, he served eight years in an air force technological unit. Afterwards, he worked in various tech companies and he focused specifically on security. “My knowledge in the field comes from both sides – both the buyer and the seller – so I know very well how the daily life of an CISO looks like. This is one reason I ended up in Reblaze”, he explains. “As we understand the client’s needs, we know how to be flexible and supply him with a customized platform. We know how to provide comprehensive managed service in various, high-performance ways, including regulation compliance and fulfilling business needs. While some competitors offer local installation solutions, our system is SaaS. Using the cloud permits continuous work, both in normal times and under attack.”

Who are your clients today?
“We have hundreds of clients across the world, some of which very large, such as eBay and Forbes, and smaller clients such as hospitals and education institutions. Among our clients, one may find airlines, governmental sites, defense industry sides, and fintech sites, as well as healthcare industry sites. Each has its own sensitivity and each must allow and block different kinds of traffic. We setup a unique VPC (Virtual Private Cloud) for each client, and let it pass through only the legitimate queries defined by the client. One must remember that many clients are under attach by hostile parties and hostile countries, with vast resources at their disposal.

“Recently, we launched a system taking all our capabilities and permitting defense of various services in the client’s Production environment, Client's web apps from both external and internal threats. Such comprehensive security level is rare”.

In collaboration with Reblaze