Protect against Log4J without patching
Learn More
Protect against Log4J without patching
Learn More

blogRecent NewsWeb Application Firewall | Zero Day Attack | K2 Cyber Security


May 4, 2020 By Timothy Chiu, VP of Marketing
New Report Shows Increase in Cyber Attacks

A new study by CyberEdge is reporting a record 81% of organizations have suffered a successful cyberattack last year, up from 76% four years ago. Successful cyberattacks increased despite an increase in security spending and new innovations in security defenses.  The increase in successful attacks should be a wake-up call to organizations that continuing to implement security the same way they always have isn’t enough.  There’s some recognition of this as we discussed in an earlier blog post about the focus on DevSecOps at the RSA conference this year.  Thinking about security before an application goes into production and during the development process is one step in the right direction.

Another step is also to rethink security around the web application itself.  Organizations have long relied on traditional security mechanisms incorporated into ostensibly new deployment architectures, like Web Application Firewalls (WAFs), While WAFs improved on the traditional firewall for web application protection, they still rely on traditional security mechanisms that are based on prior cyber attack knowledge.  These technologies, including pattern/signature matching, heuristics, fuzzy logic, machine learning and artificial intelligence all start with knowledge gained from a past attack to try and predict a future attack.  There’s a fundamental flaw in this approach, and that’s the assumption a new zero day attack will be based on a past attack.

With the ingenuity found in each new zero day attack, it’s more than likely the next big zero day attack will have no foundation in a past attack.  To detect the next new zero day attack we need to change the way we approach security.  We need to look at technologies that don’t rely on past attacks, for example, using deterministic security based on the application itself, rather than past attacks.

K2’s runtime deterministic application security platform monitors the application and has a deep understanding of the application’s control flows, DNA and execution.  By validating the application’s control flows, deterministic security is based on the application itself, rather than relying on past attacks to determine a zero day attack.  Deterministic security results in the detection of sophisticated zero day attacks.

K2’s Next Generation Application Workload Protection Platform addresses today’s need for runtime security in an easy to use, easy to deploy solution.  K2’s unique deterministic security detects new attacks without the need to rely on past attack knowledge, is lightweight, and adds under a millisecond of latency to the running application.  To aid in quick remediation of vulnerabilities, K2 also provides detailed attack telemetry including the code module and line number being in the code being attacked, while at the same time integrating with leading firewalls to do real time attacker blocking.

Change how you protect your applications.

Find out more about K2 today by requesting a demo, or get your free trial.



Share this

Leave a Reply

Your email address will not be published. Required fields are marked *


K2 Cyber Security delivers the Next Generation Application Security Platform to secure web applications and container workloads against sophisticated attacks in OWASP Top 10 and provides exploitable vulnerability detection during pre-production. K2’s Platform is deployed on production servers for runtime protection of applications and on pen-testing/pre-production/QA servers for interactive application security testing to identify the location of the vulnerable code. K2’s solution generates almost no false positives, eliminates breaches due to zero-day attacks, detects attacks missed by traditional security tools like Web Application Firewalls and host based EDR, finds missed exploitable vulnerabilities and dramatically reduces security cost. K2 Cyber Security is headquartered in the USA and provides cyber security solutions globally.


K2 Cyber Security, Inc.

2580 N. First Street, #130

San Jose, CA 95131