BugSec invests extensive resources in the research and development of innovative information security products in order to meet the rapidly evolving needs of the Internet and of increasingly sophisticated information systems, in which Web applications hold new meanings, and users are given numerous tools and broader access options to the organization's databases. At times, the increase in functionality and the wide access possibilities may become vulnerabilities, when the user is an attacker with ill intent, for whom the organization's systems are ill prepared.
BugSec, which specializes in this field, places emphasis on the development of unique products that ensure effective, focused solutions, which are, at the same time, straightforward, and do not unnecessarily burden the existing infrastructure layers, which are complex enough as it is.
The research carried out at BugSec is influenced by the great amount of information available to us and our in-depth understanding of the problems organizations face in the "real world"; they are not laboratory solutions that are isolated from the working environment. On the contrary, our research activities continuously takes into consideration events occurring in the field, and aims to resolve information security problems – both existing and anticipated – in the quickest, most cost-effective manner. BugSec's products also provide the company's clients with significant added value, which is expressed in specific solutions that do not require the investment of extensive financial resources, yet meet the broad security needs of the organization.
BugSec's innovative solutions, developed in-house, provide our clients with unique, creative solutions based on a variety of protection methods, in two main areas: WebSniper which adds three protective layers to protect the Web environment:
- The client using the Web application
- The Web servers
- The Web application
WebSniper was developed and tested by BugSec in order to provide an appropriate solution to the problems existing in the Web environment, at a lower cost than other products developed for this purpose and presently available on the market.
WebSniper prevents data leakage from the server and the client, identifies (and can also block) illegitimate actions by learning the clients' action norms and prevents known attacks (via a pool of signatures for the various attacks), and unknown attacks (by learning the clients' actions and analyzing irregular patterns of certain actions).
PD Scanner is a system developed to identify and monitor phishing attacks directed at the clients' customers. It checks the URLs of web sites that are similar to the URL of the organization's site, identifies phishing attacks by searching for key words in various data bases and analyzing the results, and subsequently issues a report with screen shots and URLs of the phishing sites.
BugSec regularly updates its products and provides ongoing support to upgrade them, to enable precise identification of the new attacks.