Can websites use judo logic to defend themselves, turning one of their attackers’ key strategies against them? That’s the idea behind a new product that shields websites by continually morphing its visible code, creating what some have described as the first “botwall.”
As Shape Security VP of strategy Shuman Ghosemajumder told VentureBeat, a ShapeShifted website and a malware attack use “the same fundamental concept of polymorphism, but the implementation is different.”
ShapeShifter’s polymorphism, he pointed out, is conducted in real time, while “malware changes code only when it installs, because it’s trying to change its signature.” CEO Derek Smith told news media that his company’s focus is on “deflection, not detection.”
Does this replacement of the original code reduce a website’s performance? Ghosemajumder said there is “minimal latency,” adding that the process is transparent to website management. End users see the original user interface.
Currently, Shape Security’s solution is being offered as a hardware appliance, but a cloud-based version is being developed. The product is being targeted at major websites in financial services, health care, and major e-commerce at prices north of a million bucks.
VentureBeatVentureBeat's mission is to be a digital town square for technical decision-makers to gain knowledge about transformative technology and transact. Our site delivers essential information on data technologies and strategies to guide you as you lead your organizations. We invite you to become a member of our community, to access:
- up-to-date information on the subjects of interest to you
- our newsletters
- gated thought-leader content and discounted access to our prized events, such as Transform 2021: Learn More
- networking features, and more