How It Works
Telepath’s patent-pending machine-learning algorithms analyze threats within the business logic layer. These algorithms enable unsupervised machine-learning, automatic scaling of thousands of parameters (noise reduction), and dynamic modeling of user population behavior.
Modeling “typical” sessions, Telepath scores each new session for anomalies, based on deviations from the norm, as deduced by its behavior analysis algorithms coupled with the latest threat intelligence. The big data engine provides superior investigative capabilities to forensic analysts by identifying and cross-correlating seemingly unrelated campaigns and attackers.
The system examines every activity within the website’s operations including population-wide and individual user behavior, typical application workflows, and web service interactions. It monitors, records and filters incoming and outgoing HTTP web traffic, parsing, tokenizing, and analyzing it in real-time, producing better, more accurate results with fewer false alarms then other solutions. The HTTP focus includes typical data structures such as JSON and XML, static and canonical URLs, as well as RESTful web service APIs.
Ready out of the box, Telepath has a minimal impact on existing infrastructure, easily integrates with existing systems, and sends alerts to SIEM software.
The solution deploys both on the cloud and within the customers’ own IT infrastructure/hybrid environments.
What it Does
Telepath employs a multi-layered approach to uncover fraud, application abuse, automated bot-nets and hacking attempts on web applications that are undetectable by traditional security tools.
Its advanced machine learning algorithms, easily customizable policy rules, web behavior analysis, open source intelligence feeds, and out-of-the-box rule base provide real-time detection and prevention of web application attacks as well as robust forensic and analytic capabilities.
It integrates continuous intelligence updates of malicious client IP addresses, augmenting this intelligence with an ongoing knowledgebase of IP reputation, based on its analysis of client interactions with websites.
The solution learns the semantics of legitimate activities using user behavior analysis to determine when fraudulent activity occurs, categorizing unknown behavior, even without signatures. It reviews all web traffic, including malicious and not-easy-to-identify anomalies.
Telepath examines activities at the granular level, examining where individual customers are coming from, the speed at which they review the application, their navigation patterns, the text they submit in forms – modeling what normal users are doing and flagging what’s not normal or what is suspicious and/or malicious.
It stops advanced bots and attack tools by detecting “machine-based” abnormal behavior, eliminating post-account-takeover attack losses. The system is invisible to the network, watching and securing without interfering, simplifying complex analysis and delivering a clear picture via a friendly UX.