How LANGSEC Works
LANGSEC is the formal process of understanding how data such as content payloads, database queries, operating system commands and more will execute in an environment. The technique is akin to a real-time compiler for data input that is built from the grammar that comprises programming languages, browser rendering engines, database query engines, and operating systems and uses this contextual knowledge to detect and neutralize sophisticated attacks during execution.
LANGSEC Enterprise protection
Prevoty is the first to go to market with an effective runtime solution that utilizes the LANGSEC approach, with its own lexical analyzers, validators and parsers to effectively analyze and identify malicious behavior. Prevoty’s RASP implementation performs the most sophisticated form of application security instrumentation, understanding what content is going to do before code execution and neutralizing threats like cross-site scripting (XSS), SQL injection (SQLi), and cross-site request forgery (CSRF) without using unwieldy patterns or heuristics.