Firms team up to thwart Web break-ins

Intelligent Decisions SEWP III

Two vendors are teaming up to provide Web application protection to federal agencies.

Stratum8 Networks Inc., a company that secures Web-based systems from cyberattack, and Intelligent Decisions Inc., a leading systems integrator, will offer Web application security based on the Stratum8 Application Protection System (APS) 100.

Stratum8 announced this week that the security solutions will be available through Intelligent Decisions' Scientific and Engineering Workstation Procurement (SEWP) III governmentwide acquisition contract.

As cyberattacks increasingly target Web application vulnerabilities, organizations are looking for ways to protect their applications from unauthorized access and malicious intent. Stratum8's APS 100 is a network appliance that protects Web servers and databases by learning what constitutes acceptable application behavior and blocking unacceptable interaction with a system, according to Bob Walters, chief executive officer of Stratum8.

The APS 100 has a learning engine that lets users build a statistical model of normal application behavior, Walters said. Technology managers can then develop policies that define correct behavior. For example, a policy may not allow software "cookies" to be modified in a Web browser. "If any behavior deviates [from acceptable behavior], then it is treated as a hack," Walters said.

The APS 100 sits behind a network-based firewall and inspects traffic coming through Internet server port 80 — the port that experiences the majority of cyberattacks — as well as traffic coming out of Web servers, Walters said.


  • Comment
    customer experience (garagestock/

    Leveraging the TMF to improve customer experience

    Focusing on customer experience as part of the Technology Modernization Fund investment strategy will enable agencies to improve service and build trust in government.

  • FCW Perspectives
    zero trust network

    Why zero trust is having a moment

    Improved technologies and growing threats have agencies actively pursuing dynamic and context-driven security.

Stay Connected