Tala Security Web Application Runtime Protection (WARP)

Web Application Information Modeling A comprehensive inventory and architecture analysis of web application behavior Tala uses dynamic crawling and lightweight static analysis to automatically analyze enterprise web applications to extract and evaluate 150+ fine-grained, security-relevant behaviors on each page. Tala’s patented engine automatically identifies the sources of code and content on each page, as well as sensitive data exchange. This analysis is used to build a comprehensive behavioral model of the web application, forming a baseline risk assessment of whether the site is vulnerable to advanced attacks, third-party compromises, customer data loss or disruptions in customer experience. The model provides continuous feedback into Tala’s automation engine that continuously tunes standards-based policies that detect client-side attacks. Automate Standards-Based Controls Comprehensive “Defense in Depth” without the implementation challenges Tala protects web applications by automating security standards, including CSP, SRI, HSTS and more. No other solution on the market provides the breadth of coverage and resilience to the ever-evolving attack landscape that Tala does, with absolutely no impact to website performance. Tala’s AI-powered engine automatically formulates the most precise policies to protect your website, based on page artifacts, script behavior and user device features. Our automated approach eliminates the technical expertise and operational overhead required for implementing standards-based policies and significantly reduces alert volumes for manageable operations. Block Threats in Real Time AI-powered security analytics and incident management Each browser session (mobile or PC) that connects to a Tala-protected web application dynamically receives protection policies in runtime. These control the behavior of all JavaScript code as it is executed on the client browser. Tala provides real-time visibility into the attack surface, and applies runtime protection via native browser controls. This is accomplished through the continuous application of advanced analytics, machine learning and heuristics to real-time threat intelligence, application information model and telemetry received from browser sessions.