Service sector

The current issue

Service sector is of paramount importance in modern economies. Web architectures progressively dominate in these industries. In bank and insurance lines of business, these technologies are being adopted but are increasing exposure. Main features of this activity :

  • Raw material is information which is usually highly confidential or critical, it requires integrity, access continuity, availability. These information and financial flows attract cyber-criminals. An experiment achieved by Pansec, an IT security consulting company, showed that an on-line banking website received 200 daily attacks as soon as it was opening.
  • external demand evolution : services to customers multiply, internet becomes a privileged way to communicate and provide ADDED VALUE, on-line displays, stock purchase and portfolio management, personal info consultation, e-commerce, ... imply value creation AND threats
  • internal demand evolution : web architectures, also called multi-tiers are very convenient to service industry : many remote and decentralized locations, flexibility to split 'IT tasks' : information presentation, storage, computation, communication

BinarySEC offers a perennial solution

  • BinarySEC equation is simple : potential attack = unexpected request = abnormal traffic. Consequently, BinarySEC modelizes normal traffic, then rejects abnormal traffic
  • Attacks often start with IP address and machine scan, then requests testing applications availability are sent, then targeted exploits. In all cases, traffic is abnormal so it is blocked an logged
  • BinarySEC installs directly on the web server and learns normal traffic for THIS specific application. So it refines its experience base for THIS specific server and it adapts its protection. This very close and dedicated shielding reduces false positives rate and increases efficiency. The experience base (ie learning achieved by the AI engine) of a Content Management Server - for instance using Joomla or SPIP - will differ from a data presentation server
  • Multi-server monitoring and statistics features enable to control tens of servers from a single web interface