Jaeson Yoo, Chief Security Evangelist, Penta Security Systems, Inc
Cyber Security

FUTURE PROOF WEB AND DATA SECURITY

From most of the security breaches that occur these days, it is quite evident that over 75% of all attacks arise from the web application layer. This naturally indicates that the preferred entry point for intruders is the web server, which can be accessed from a remote location. Despite this irreversible damage, the web application layer is often neglected. Although most businesses show concern when it comes to security, the implementation of the same becomes an overwhelming task, even to the most skilled network engineers. To tackle this, a lot of businesses are resorting to utilizing different security-as-a-service (SECaaS) options, which allows for quality security without compromising on the ease-of-use.

With the increased adoption of Cloud and IoT devices, businesses are beginning to realize the importance of securing this new paradigm. With the rise in communication between devices, there is a clear need for the integration of IoT web security and encryption solutions in smart devices. This in turn would ensure that users, infrastructure and devices are all secure before being connected. Since more devices now run more and more critical functions, connecting before implementing security can have significant consequences. These could be any systems, ranging from traffic signals to power grids to emergency alert systems. In short, securing the network, and having a strategy against the attacks to the network once it is connected are absolutely crucial in the immediate future.

Penta Security currently holds over 60 patents worldwide, all of them related to their web and data security solutions

Penta Security has been playing a key role in innovating and providing web and data security solutions for the IoT market. Penta Security’s uniqueness lies in the fact that the organization is a pure play IT security firm. This differentiates it from other security firms that use other companies’ technologies to provide cyber security solutions and services. The company has its own proprietary core technology in three areas, that is, web security, data encryption and authentication. Blocking attacks from outside the network (web security), scrambling communications and important data inside the network (data encryption), and making sure that the right individuals are using the right devices at all times (authentication) are all crucial IT security technologies that Penta Security has been developing and improving over the years. The organization’s experience in these three fields has put them in a position to be able to provide comprehensive technological know-how which is necessary to address the security needs in IoT implementations.

Penta Security currently holds over 60 patents worldwide, all of them related to their web and data security solutions. One of the more significant patents includes the Contents Classification and Evaluation Processing engine, or COCEP. This logic-based detection engine is based on a system of 26 “rules”. It executes a logical analysis of all types of web traffic, to determine whether or not the traffic constitutes a threat to the web application. Because the detection engine utilizes unique algorithms, they are able to provide intelligent protection that doesn’t solely rely on pattern matching to detect malicious traffic. This is referred to as the signature-free technology, and has been applied to many of Penta’s products, including the WAF solution WAPPLES, and the smart car security solution AutoCrypt, among other IoT solutions.

Over the past years, Penta Security has been constantly working to provide security solutions for smart cars, smart homes, smart factories, and even smart energy. While securing various functions within cyber-physical systems and providing authentication and encryption within advanced metering infrastructures may be relatively new concepts for many, it is a challenge Penta Security is facing head on. The company is continuously innovating to respond to emerging threats whether that be in IoT, the cloud, or the web. The organization has always been striving to look forward to the future, constantly trying to figure out its place once the future comes.

Leave a Reply

Your email address will not be published. Required fields are marked *