Data Theorem, Inc., a global leading provider of modern application security, announced the industry’s first Active Protection package, which includes observability and runtime defense and provides comprehensive security for API, mobile, modern web, cloud, and serverless (Lambda) functions.

To prevent data breaches, organisations today require technologies that are specifically designed for securing modern application stacks. Runtime AppSec technologies in the past (WAFs, RASPs, EDRs) were unable to cover crucial sections of modern application stacks like cloud-native applications. Traditional web application firewalls (WAFs), runtime application self-protection (RASPs), and endpoint detection and response (EDR) agents, these cannot secure serverless applications with APIs, such as AWS Lambda. This is due to the lack of readily available operating systems for agent installation, as well as typical network perimeters with ingress/egress points. Data Theorem’s whole product suite now includes runtime protections and observability, addressing security gaps in modern application exposures typical in cloud-native stacks.

Data Theorem is the first to provide full stack security for current modern apps, starting with the client layer (mobile and web), protecting the network layer (REST and GraphQL APIs), and extending all the way down to the underlying infrastructure (cloud services).

“Data Theorem’s Active Protection is the first in the industry to provide comprehensive security across today’s modern application stacks. Application environments are more dynamic when leveraging cloud services requiring increased telemetry. Organizations need to discover their growing attack surfaces as their cloud adoption grows. We are not aware of any other vendor delivering active protection runtime defenses and observability across cloud-native, mobile, modern web, and serverless applications,” said Doug Dooley, Data Theorem COO.

Data Theorem’s extensive AppSec portfolio secures companies against data breaches with application security testing and protection for modern web frameworks, API-driven microservices, and cloud resources. Its solutions are driven by the company’s award-winning Analyzer Engine, which utilizes a unique sort of dynamic and run-time analysis that is completely implemented into the CI/CD process and allows enterprises to undertake continuous, automated security inspection and remediation.

Its solutions are driven by the company’s award-winning Analyzer Engine, which utilizes a unique sort of dynamic and run-time analysis that is completely implemented into the CI/CD process and allows enterprises to undertake continuous, automated security inspection and remediation.