BreachGate™ Detect Application Security Appliance Protects Organizations From Key Security Business Concerns

Identity theft, information leakage, privacy, regulatory concerns and risks from software development outsourcing top list of customer security concerns

CARLSBAD, Calif., ~ November 22, 2004 ~ Breach Security Inc., an emerging leader in deployable application security solutions, today announced the availability of BreachGate Detect, the newest member of its BreachGate family of application security appliances. Designed to protect large corporate and commercial applications from attacks by human and automated intruders that can result in identity theft, privacy and regulatory violations, BreachGate Detect is a non-intrusive, highly deployable appliance that can be implemented quickly and at remarkably low cost of ownership.

BreachGate Detect enhances network layer security at the application layer by monitoring and controlling traffic as it enters and leaves the application. It responds to the increasing demand from customers related to identity-theft, information leakage, privacy infringement and other security business initiatives.

“The business world now lives and breathes electronic information, and today’s companies cannot afford to lose the confidence of their customers or to invite the scrutiny of federal regulators when that information is considered private. Private information must be protected – period,” said John Payne, chief executive officer for Breach Security. “BreachGate Detect offers a low-cost, highly deployable and automated means to monitor and manage application security – quashing concerns about information leakage and the attendant demons of compromised confidentiality, identity theft and fraud.”

Top Security Business Initiatives

According to Payne, Breach customers have identified a dozen major security business initiatives found in almost any responsible organization with Internet facing applications. The top three areas are:

• Identity Theft & Information Leakage: Large companies who maintain databases of customers, prospects or other individuals are very concerned about having the private information of those individuals misappropriated and used in identity theft activities.
• Privacy & Regulatory Compliance: Governmental regulations – including HIPAA initiatives, Sarbanes-Oxley, California Senate Bill 1386 and Assembly Bill 1950, GLBA and others – focus on privacy and require the implementation of security safeguards.
• Software Outsourcing Initiatives: With application software for large enterprises now developed by teams spanning multiple organizations and political/physical geographies, there is significantly increased risk of application security holes. BreachGate lowers this security risk by providing a safe, third-party security layer around large projects that identifies any anomalous application behaviors, including use of secret back doors and other high risk security incidents.

Other business security risks at the application layer include industrial and military espionage, revenue protection and business continuance, deployment of web interfaces for core IT systems, isolated departmental application initiatives, secure content delivery and brand protection and customer confidence initiatives.

According to a recent Federal Trade Commission survey, about 3.3 million American consumers discovered within the last year that their personal information had been used to open fraudulent bank, credit card or utility accounts, or to commit other crimes. Collectively, these cases cost businesses $32.9 billion and consumers $3.8 billion.

“Identity theft and misuses of private information have been major concerns to large companies maintaining databases of people,” said Glenn Coles, director of software development at Kelley Blue Book. “BreachGate’s innovative system presents a unique opportunity to solve these concerns by monitoring application performance and controlling both what enters and leaves the application at extremely low costs of deployment.”

Key Differentiators for BreachGate Detect

Unlike failed application security approaches of the past, which required arduous, manual, error-prone and costly policy development and monitoring, both at deployment and every time an application change was made, BreachGate Detect utilizes unique Adaption™ Behavioral Learning technology, an automated and adaptive learning process that is sensitive to acceptable behaviors in applications, even as they change.

BreachGate Detect further monitors and controls requests that enter the network and any response that leaves the network using its patented ExitControl™ technology. BreachTrails, a feature of the ExitControl technology, matches request and response pairs in a forensic archive when a breach is identified that dramatically reduces disclosure cost and risk in those events where a breach does occur. BreachGate’s unique hybrid detect/prevent architecture combines with the power of its adaptive learning technology to create a new class of truly deployable and affordable application security products.

Pricing & Availability

BreachGate Detect Version 1.0 recently finished a comprehensive field test among initial customers and is shipping now. Pricing for BreachGate Detect starts at $25,000 USD.

About Breach Security, Inc.

Breach Security, Inc. is a leading provider of next-generation web application security that protects corporate-critical information. Breach effectively protects web applications of commercial enterprises and government agencies alike against Internet hacking attacks and provides an effective solution for expanding security challenges such as identity theft, information leakage, and insecurely coded applications. Breach’s solutions are ideal for any organization’s regulatory compliance requirements for security.  Breach was founded in 2004 and is headquartered in Carlsbad, Calif. For more information visit: www.breach.com.

# # #

Media Contacts:

Breach Security, Inc. U.S.

Dan Chmielewski, Principal
Madison Alexander PR, Inc.
dchm@madisonalexanderpr.com
(949) 231-2965