75% of IT Leaders Lack Confidence in Their Web Application Security
New Research from Cymatic and Pulse Reveals Shortfalls in Common Approaches to WebAppSec
34% of Respondents Use 10+ Products to Protect Web Applications, while 65% of Organizations Experienced Cyber Attacks that Bypassed Their WAF
RALEIGH, N.C.–(BUSINESS WIRE)–#clickclickdone—Cymatic today released new research detailing the state of web application security. Although IT leaders appear somewhat confident in the solutions they currently have in place, reliance on multiple products makes seamless integration of new tools—and therefore overall cyber threat prevention—a significant challenge.
Pulse conducted the survey of C-suite and VP-level executives across information technology and cybersecurity, which found that the most prevalent approaches to web application defense fail to engender the trust required for successful cyber attack protection. Key findings include:
- 91% of executives spend up to a third of their web app technology budget on security, privacy, and compliance activities, but they continue to rely heavily on strong password requirements for cyber attack protection
- MFA, WAFs, and CAPTCHAs are the top technologies most used to protect web applications, at 75%, 74%, and 63%, respectively
- 73% of respondents say account takeovers are the attack scenarios that most concern them
“Twenty-five years spending time and money cleaning up after breaches and hackers whose creativity was always at least one step ahead of network defenses enabled me to see where all the security gaps are,” said Cymatic Founder and Chief Executive Jason Hollander. “We built the CymaticONE platform to fill those gaps and decrease the complexity of current web application solutions, making it faster and easier to protect against modern-day attack vectors.”
The Cymatic platform provides universal in-session visibility and control to reduce risk across web applications, networks, and users while decreasing network traffic loads and eliminating user friction. Instead of just protecting network-based threats like traditional WAFs, Cymatic uses sophisticated artificial intelligence and machine-learning algorithms to identify page mutations and user anomalies. The platform protects against user-derived and device-based threats such as poor credential hygiene, dark web vulnerabilities, and potentially risky devices. It is invisible and frictionless to users, deploys in mere minutes, and has immediate time-to-value.
While many respondents noted obstacles to changing their current web application firewall (WAF) installations, almost 90% of them plan to revisit their investments in the next six to 18 months.
Cymatic offers the only web application firewall (WAF) solution that combines client-side WAF defenses with a proprietary vulnerability, awareness, detection, and response (VADR™) engine to deliver instant and continuous in-session intelligence around devices, users, and locations. Cymatic’s first-look, first-strike capability is earliest in the kill chain, reducing risk across applications, networks, and users while ensuring organizations are compliant with today’s security-driven regulations. The solution is invisible and frictionless to users, deploys in minutes and operationalizes in seconds. Cymatic is headquartered in Raleigh, NC with offices in California and New York. Learn more at cymatic.io and follow Cymatic on Twitter and LinkedIn.