Logic Based Protection

Home / FEATURES / Advanced / Logic Based Protection

Cloudbric’s Logic based protection

Web traffic trail that leads to different numbered points like 1, 2, 3, 25, and 26
Cloudbric’s technology comes from the expertise of Penta Security Systems, the leading website security company in South Korea. The core security schemes of Cloudbric were developed from Penta Security’s Web Application Firewall(WAF) called WAPPLES.

01. Limitations of our competitors’ technology

1st generation web application firewalls use a pattern matching solution with many false positives. It will assume your website is hacked when it  did not actually happen. This error originates from having two simple lists. One list of IPs give access permission, and another list of IPs deny permission to access your website. Based on these lists alone, many firewall services inaccurately block innocent visitors who simply want to visit your website. It is extremely difficult to manage this generation of firewall products. It is also impossible to respond immediately to any new attacks that have not been discovered before. As a result, this generation of firewall products reduces the speed for web service.
Although 2nd generation firewall is more accurate than the 1st, it has long a way to go. The way the 2nd generation firewall works is that it is exactly the same two lists as in the 1st generation, but automated. Even with this method, it takes a long time to analyze traffic prior to making these lists. Furthermore, every time you make changes to the website, it must go through another drawn out period of analysis to make those lists. Although 2nd generation firewall is automated, it still has to be managed by an administrator to make sure it is working properly. As this method is still based on pattern matching, it still can’t protect your website from prospective attacks because it doesn’t learn to predict new attacks.
This is where our product comes in. Cloudbric is built without lists or a pattern-matching system in order to reduce false positives.

02. 3rd Generation Web Application Firewall, COCEP

In order to overcome the limitations of previous generations of firewalls, the Cloudbric Team came up with an innovative method to make a 3rd generation prototype. Unlike previous generations, we use COCEP (Contents Classification and Evaluation Processing) instead of a pattern matching search paradigm which uses the method called signature-based security. In other words, Cloudbric is a 3rd generation firewall that uses a NON-SIGNATURE based product, and we use logical analysis rather than pattern matching. COCEP uses 26 different search parameters to do a detailed and accurate analysis on your website traffic. This process only takes 1/1,000 of a second! As a result, we don’t overwhelm your system at all, and speed will not be affected. By not using a list reduces the pressure on the firewall administrator and preemptively strikes future attacks by predicting the new patterns that arise with time. Low false positives are our biggest strength which separates us from our competitors.

03. Less error with COCEP

COCEP engine reports less erroneous results from errors that my competitors face.
There are two types of error: false positive and false negative. With false positives, your firewall notifies you that your website is under attack when it actually is not. False negative errors happen when your firewall does not catch a hack attack and lets it infiltrate your site.
The 2015 Tolly Report has proven that Cloudbric reports less false positives and negatives than its competitors.

04. PCI-Certified Web Application Firewall (WAF)

Cloudbric’s Web Application Firewall(WAF) is certified by the PCI Security Standards Council. It delivers cost-effective compliance with PCI DSS requirement 6.6 without any hardware or software installation and without changes to your web application.
Cloudbric protects you from liabilities and non-compliance penalties, while protecting your customers’ sensitive data from exposure on your site. The PCI compliance report audits security rules configuration changes and periodically reports on your compliance with PCI 6.6 requirements.

05. Advanced Bot Protection

With the use of advanced client classification technology, crowdsourcing, and reputation-based techniques, Cloudbric distinguishes between “good” and “bad” bot traffic. This lets you block scrapers, vulnerability scanners and comment spammers that overload your servers and steal your content, while allowing search engines and other legitimate services to freely access your website.

06. Market-proven technology

Our company, Penta Security, is a top vendor in Asia for web application firewall products. Established in 1997, we have been recognized and featured in numerous security magazines. In particular, we have 30 patents on COCEP, our search engine for Cloudbric. Our clients include Samsung, LG, IBM, as well as 110,000 other corporations and government agencies.