Are your online activities safe?

Web services and applications finally protected
with Pluribus One WAS®

Secure your business

Pluribus One Web Application Security® is an on-premise solution for monitoring and protecting web services, designed to ensure the security of critical web applications. Thanks to Pluribus One WAS® it is possible to:
Monitor and protect the infrastructure in a few steps
Make web services safe, through a customized model
Keep full control of data and privacy
25
Based on 25 years of experience
and know-how in Cybersecurity,
Machine Learning and Artificial Intelligence
2000
More than 2000 web services
constantly monitored and protected
at our customers
5
5 years in the cybersecurity market,
ever-growing
and constantly updating

Discover the effectiveness of our next-generation solution for the protection of Web Services

 NO IMPACT

Non-invasive and parallel structure

Pluribus One Web Application Security® is designed to enable, without requiring changes to the IT infrastructure that provides the Web Service, a highly specialized and effective level of traffic analysis and threat detection.

For them being able to detect attacks (and eventually stop them), the traditional Web Application Firewalls must be inserted in-line with the infrastructure which provides the services. This, unavoidably adds complexity to the infrastructure, which already consists of various components.

Pluribus One WAS® is instead designed to work in parallel with the existing infrastructure, in a NON-invasive way. The chance to exploit existing solutions (e.g. Web Server, Reverse-Proxy, Application Delivery Controllers, Load Balancer) as data sources, immediately allows starting monitoring services and detecting the first attack attempts within a few minutes.

 
PRIVACY

Full control of data and privacy

Pluribus One WAS® guarantees an absolute control of traffic data relating to the monitored services. All traffic data, useful for detecting possible threats, is locally stored by the solution, without having to pass your traffic through external or third-party infrastructures to benefit from the monitoring and protection features.
A big difference compared to what happens with WAF As-a-Service solutions and appliances (both physical and virtual), which instead require an external platform for threat analysis.
The Artificial Intelligence and Machine Learning modules available to Pluribus One WAS® are designed to run locally (directly on the Virtual Appliance on which the system is installed) and to build a protection model that is specific to the monitored services.
This means that the Artificial Intelligence onboard Pluribus One WAS® does not provide for the centralized collection of traffic data by Pluribus One and the consequent release of signatures and protection rules; rather, it provides the ability to locally learn the behaviour of the services and to build around them a dedicated protection model.

 
COMPATIBLE


Pluribus One WAS® can interact with three types of objects:


The list of supported products is constantly under update. Contact us for more info.
 
 
AUTONOMOUS

What protects?

From single servers to cloud systems, the scalability of Pluribus One WAS® allows the integration with any environment.
Unparalleled protection and detection capabilities, customizable and tailored on every infrastructure.

At the same time, this autonomy gives Pluribus One WAS® users the possibility to interrupt and cancel the service at any time, without worries, without consequences, and keeping the availability of their data.

 
EASY

Automatic reports

Thanks to reporting plugins, Pluribus One WAS® guarantees the possibility to define and periodically produce automatic reports. It is therefore possible to obtain easily (and periodically planned) reports that allow the implementation of the most appropriate interventions to guarantee the safety of the monitored services. With just a click, relevant data can be easily exported to standard formats, and further analyzed with external tools.

Easy installation and management for any operator or system administrator

The installation procedure of Pluribus One WAS®, available for the most widely used Linux distributions, is strongly guided and automated, and allows a quick set up in a few minutes. Software updates are automatically distributed by Pluribus One to ensure prompt availability of new features as soon as they are implemented, and immediate updates in the presence of problems or bugs.

Intuitive Graphical User Interface

- The revised Pluribus One WAS® GUI makes the governance of the monitored Web Services an easy task. The dashboard constantly provides comprehensive information regarding the status of the Web Services, allowing to identify promptly critical conditions and attack attempts.
- In the presence of anomalies, the interface explains to operators, reasons why an alert has been raised: this increases the accountability of Pluribus One WAS®.
- Detected threats can be easily inspected by means of the Pluribus One WAS® GUI, which besides providing detailed information, also features granular filtering capabilities.
- The interface also allows to constantly keeping under control the status of Pluribus One WAS® and of the hosting machine.

 
MADE IN ITALY

Italian excellence, European discipline

Pluribus One Web Application Security® has been entirely conceived, designed, and developed in Italy by an Italian company that has its legal and operational headquarters in Europe. It was therefore designed from the beginning to comply with the European Regulation for the Protection of Personal Data (GDPR) which nowadays represents, in the international scenario, probably the most important reference legislation for the protection of personal data and privacy of people.

Immediate assistance, just a click away

The customer support services made available by Pluribus One are also provided by Italy, with the guarantee of highly qualified support and extremely short response time.

 
PCI-DSS COMPLIANCE

Secure transactions, relaxing e-commerce

For web services involving payment applications, it is necessary to comply with the Data Security Standards defined by the Payment Card Industry (known as PCI DSS regulation) relating to credit card processing. Requirement 6.6 in particular suggests the adoption of an application firewall solution to prevent SQL Injection attacks, that could exploit any application vulnerabilities to gain access to credit card data. Pluribus One WAS® not only allows to detect such attack attempts, but also to create, through a quick and guided procedure, virtual patches through which prevent the exploitation of any vulnerabilities that may be present.

 
SAFE

What detects?

Pluribus One WAS® is able to protect Web Services against malicious requests that, leveraging vulnerabilities, poor and misconfigurations of such Services, put at risk the services themselves as well as the data they manage:

  • Attacks in the OWASP Top 10
  • Injection attacks
  • Cross-Site Scripting (XSS)
  • Sensitive Data Exposure
  • Phishing
  • Zero-day attacks

 
SMART

Artificial Intelligence behind your applications, Machine learning behind your protection

Smart and sophisticated, it automatically learns thanks to its detection engine based on Artificial Intelligence and Machine Learning.
Pluribus One WAS® automatically learns the legitimate (normal) traffic profile by observing its live traces and works in three steps:
- Learns the profile of legitimate traffic;
- Detects anomalous events to highlight computer attacks;
- Protects web services according to the detected anomalies, with custom protection rules.

Safe by design and explainable

The AI exploited by Pluribus One WAS® is designed to be safe (more resilient against attacks which attempt to evade the detection mechanism) and explainable (in the presence of  anomalies, it explains to the operators the reasons why an alert has been raised).

 
MONEY SAVING

The WAF that doesn't need a WAF

Web services today represent a strategic asset for plenty of organizations, including both public and private ones, toward the provision of services to their customers and for enabling highly efficient internal processes and smart working methods that are increasingly needed. Ensuring the protection of these services against cyber-attacks is an essential element in this context, as publicly exposed services are continuously subject to attack attempts of various kind, both automated and manual.
Web Application Firewalls (WAF) are, in this context, the solution responsible for ensuring application security. To properly work, the WAFs must be inserted in-line with the infrastructure which provides the services, adding complexity to the infrastructure, which already consists of various components like the Application Delivery Controller (ADC), the Reverse Proxy, the Load Balancer, and the perimeter Firewall. This complexity is not justified in many cases, especially in cases where the WAF replicates functionalities yet made available by the other components already present. In general, therefore, there is a risk of overcomplicating the existing infrastructure and consequently of generating unnecessary costs and risks.
Pluribus One WAS® goes beyond this model, focusing entirely on the prevention and detection of attacks, and thanks to the possibility of operating parallel to the already existing infrastructure, allowing significant time saving even for less experienced operators.

It satisfies security needs even on obsolete services or no longer updatable applications

Another distinguishing feature of Pluribus One WAS®, that makes it suitable for the business needs of every company, is its ability to protect services and applications that are now obsolete or no longer updatable. This avoids the constant chase in search of new bugs, the continuous integration and development of new patches and new updates. Pluribus One WAS® protects even dated applications in a personalized way, allowing significant time saving for operators or system administrators.

SAFER AI FOR A BETTER WORLD

Forget the Web applications vulnerabilities

Traditional Firewalls and Intrusion Detection Systems can do nothing in terms of protecting Web Applications during operations, as they inspect the traffic at a level which is actually not that of the application. Similarly, standard Web Application firewalls based on pre-configured sets of signatures can offer very poor protection, since they can eventually detect standard vulnerabilities (such as for instance those of a standard Content Management System installation) but not those present in custom application.

Forget the rules

Pluribus One WAS®
rewrites them

Using its Machine Learning Engine, Pluribus One WAS® is able to reconstruct autonomously the logic behind the monitored Web Services. This is what makes Pluribus One WAS® different from other Web Application firewalls. There is not any pre-configured set of rules, which may be eventually effective only in protecting applications distributed on a large scale (such as, for instance, standard CMS installations). The protection model of Pluribus One WAS® is built around the monitored services, which can be then effectively protected even against attack exploiting ad-hoc and non-public vulnerabilities.

Forget the vulnerabilities of
AI-based technologies

Our AI is safe by design

Leveraging the Pluribus One leading research on Security of Machine Learning, Pluribus One WAS® features an improved AI-based detection engine with increased capabilities of:
- Detecting attacks against the monitored Web Services: this offers enhanced protection and coverage against a broader range of attacks; ad-hoc detection algorithms can be also defined, upon request, to meet specific needs.
- Ensuring the safety of the learning and detection process: this makes Pluribus One WAS® more resilient against attacks who attempt to evade the detection mechanism.
- Explaining the operators, in presence of  anomalies, reasons why an alert has been raised: this increases the accountability of the solution.
Web applications, being often exposed in the wild, are continuously subject to scans and attack attempts. A number of highly automatized tools and services is in fact available which allows also the less experienced hostile users to identify trivial bugs and vulnerabilities in the applications and eventually to exploit them. When this happens, the application and the data it manages are put at a high risk, since the is barrier to overcome to compromise the application results very low.

Firewall, IDS & IPS can’t detect attacks against the WebApp as they do not  look at the right level on the stack.



In order to stop attacks which are caused by vulnerabilities at the application layer, it is necessary to deploy in front of the WebApp a component able to look at what the WebApp receives and interprets as an input.
A WAF which is not aware of how the application is expected to work and what to take as inputs, CAN’T detect attacks. If the WAF relies on pre-configured sets of signatures generated from a set of widely used standard applications and components, it is intrinsecally ineffective against custom applications.


The only way to effectively protect Web Applications during operations is to reconstruct from the traffic the logic based on which the application has been developed and works.
Pluribus One WAS® does actually such kind of work, leveraging Machine Learning and Artificial Intelligence to analyse and model the traffic incoming toward the Web services and automatically, to learn how the application is expected to behave and work, and to generate virtual patches and protection rules tailored on the monitored applications.

The best teams have the best defenses.
Together we will be a great team.

Wanto to see a
live demo?

Schedule a trial

Contact us for further information.
Our staff will contact you as soon as possible to schedule a live demo.

Info

Pluribus One S.r.l.

Via Bellini 9, 09128, Cagliari (CA)

info[at]pluribus-one.it

PEC: pluribus-one[at]pec.pluribus-one.it

 

Legal entity

Share capital: € 10008

VAT no.: 03621820921

R.E.A.: Cagliari 285352


 

University of Cagliari

  Pluribus One is a spin-off

  of the Department of

  Electrical and Electronic Engineering

  University of Cagliari, Italy