Detect and Stop Serverless Application Attacks with Accuracy & Speed
The Protego serverless security solution continuously scans your serverless infrastructure, code, and runtime environment. Utilizing machine-based analysis and deep learning algorithms, Protego builds a model of normal application and function behavior to detect and stop application layer attacks.
Automatically Profile Function and Application Behavior
Protego continuously monitors your serverless application activity and automatically creates a white list of actions and interactions on a resource level.
- Discover and visualize serverless application structure, behavior & flow
- Automatically generate a white list of ‘good behavior’ including system access, external communications, triggers and more.
- Define custom policies and enforce behavior on a per function level.
Trigger Agnostic Application Layer Protection & Forensics
Protego’s Function Self Protection detects, alerts & stops application layer attacks such as the Serverless OWASP Top 10 and anomalous activity independent of the attack trigger.
- Detects & stops application attacks such as SQL & Injection and others, independent of input source
- Detect & stop anomalous & malicious actions (e.g calling an external destination) or interactions (calling a sub process)
- Move from alert to prevent mode and vice versa in real time
Serverless Security Platform Integrations for Alerting & Forensics
Get real time alerts, view an audit trail for events in full context, unmask compromise indicators and analyze event context.
- Pre-built Splunk and cloud watch integration for analysis and audit
- Pre-built integrations with tools such as Slack and Jira for security incident alerts
- Full REST API access allows integrations with other systems
Unified View of Serverless Application Posture & Forensics
The Posture Explorer provides a single, comprehensive view of your entire serverless ecosystem
- Application and function view of all inputs and triggers
- Detect & alert on configuration issues, such as unlinked triggers and unused resources
- Security-focused visualization of potential risk areas
- Clear indication of posture score and status