Overview

Polaris story

Why Polaris?

  1. There are many Web Application Firewall out there. They promise a magic product could prevent hackers from attacking the customer systems.

  2. We are different - we do not promise a magic but achievable and affordable solution.

  3. A biggest mislead in the industry that Security is a pure Technology issue. In fact, it is a Economic problem.

  4. The key point of security is raising the cost of attack your system high enough to convince everybody that it is not economic feasibility.

  5. A simple example is have a very long and complex password. The complex password is not unbreakable but it could take attackers spend a huge computer power and time. So it is nonsense to use a such effort just to read your personal emails.

  6. Our Polaris solution try to solve security issues with the view of economic problem:

    1. Optimization: spend little but get a best cost of attack. So in war of attrition, hackers going to run out of resource before us.

    2. Persistent: every security products have it’s effective decline by time due to technology progressive. 20 years ago, it was not practical to break MD5 hashes, but today it could be resolved by a single computer in hours . Polaris always keep cost of attack edge against hackers.

    3. Collective defense: Polaris share knowledge, intelligence and effort to all customers so reduce security investment of single customer while increase dramatically cost of attack to their system.

  7. By optimize the cost of spending on security and increase the cost of attack against customer’s systems, Polaris able delivery a achievable and affordable WAF solution.

How Polaris works?

  1. Like many WAF, Polaris provide web application protection with OWASP core rules. Polaris also have it’s own security lab to detect and provide new rules to adapt with latest security issues.

  2. Like some advance WAF solution, Polaris apply Machine Learning to detect zero-day bugs or abnormal behaviors.

  3. If stop here, WAF only raise enough cost of attack to prevent untargeted attacks. Every minutes, a website could be received a thousand untargeted attacks from every corner of the world. Normal WAF can turn away amateur hackers who don’t want to spend time in more secure system.

  4. If your system is more value or attackers have more motive, they don’t stop here and try to work around. Unfortunately most of WAF give wrong impression that hackers stopped and they go away. In fact, they just do some probe and analyse your protection system to find weakness.

  5. Polaris not stop at block and detect abnormal activities. it continue to track the attackers through IP addresses, browser and device identification. If Polaris learn the activities is targeted attacks, it will initiate a incident response process to follow up.

  6. Most of targeted attacks or advanced persistent threat could be certain actors (nation or group) and they use to target similar targets (and maybe similar techniques). Polaris able apply same rules for other customers to protect them even before they are attacked.

  7. Finally, Polaris is not just a rule-based automation system. It is a platform to connect customers with wide range security services which involve with real security experts. More or less, security is struggle between human and human. In many cases, you still need someone look after the issues.

  8. In advance mode, Polaris not only a WAF but also a Security Operation Center (SOC).

  9. SOC level 1 is WAF itself which automatically analyse web access log to raise security issues.

  10. SOC level 2 must be a security expert looking the issue and intelligent information from Polaris to identity the threat (untargeted or targetted attacks, amateur or well-fund professional)

  11. SOC level 3 must be a security expert to advice or handle the serious threats - could be make dramatically changes, fix code, upgrade customer system or even counter-attack (bring down COC servers)

  12. SOC level 4 leadership - it is customer who make decision on funding the resource - do it in house or hire a service.

  13. Polaris is not just a WAF which simply not enough to stop serious security threats. It is a service-based platform which combine both automation system and human to provide a workable solution

PreviousDashboard

Last updated