Sanctum, Inc. cited as leader in key web security sector

About 75 percent of hack attacks are at the application level, the place where web site visitors interact with the site. A hacker only needs a tiny hole in the code of a computer program, a web browser, and some …

About 75 percent of hack attacks are at the application level, the place where web site visitors interact with the site. A hacker only needs a tiny hole in the code of a computer program, a web browser, and some knowledge and determination to steal digital property, from sensitive customer data to confidential corporate information. Hackers can play havoc with e-commerce sites by altering prices for goods or services or even shutting sites down completely.

About 75 percent of these attacks are at the so-called application level, the place where e-commerce customers and other visitors enter data into a site and do online transactions, according to the Gartner Group, a consulting firm for the computer industry.

Diane Fraiman, vice president of marketing at five-year-old Sanctum, Inc., a U.S.-based Internet security company using technology developed in Israel, describes these vulnerabilities as being “like a house with open windows.”

“A network firewall is like locking your front door. Sanctum’s products detect and defend the other vulnerable areas,” Fraiman said. Sanctum is headquartered in Santa Clara, Calif., with research labs in Herzeliya, Israel.

In a report published in July, 2002, International Data Corporation, a leading information technology consulting and research firm, recognized Sanctum as the “de facto leader” in the industry that’s sprung up to block these intrusions. IDC projects the so-called web intrusion protection market to grow from $65 million in 2001 to $690 million by 2006.

The typical security for a Web site includes a network firewall between visitors to the site and the server that locks down unused Internet ports. However, port 80, which is used for Web traffic, must remain open since using a firewall to shut it down would also block all Web traffic to the site. Thus, additional protection is needed.

Sanctum has two products designed to bolster security beyond the network firewall. The company’s AppScan software is to be used in advance of an attack to identify the vulnerabilities of Web applications by simulating all the ways the application can be attacked and recommend fixes. The site’s developers can then go in and fix the lines of code that are vulnerable to attack before hackers have a chance to exploit them.

Sanctum’s other product, AppShield, is what’s known as an applications firewall, designed to be deployed while the site is up. It sits behind a network firewall but in front of the site’s server and prevents any type of unauthorized manipulation of the application by hackers.

AppShield will parse a page of computer code and identify the fields where a customer is expected to input characters. If something is submitted other than what is expected in any of the fields, AppShield assumes it’s the work of a hacker and rejects the submission.

It could stop a hacker from breaking in to an online bank account, for example, and transferring the money to another account.

“AppShield is the final line of defense that prevents hackers from getting to the crown jewels,” Fraiman said.

Sanctum’s founders have drawn on the extensive knowledge of Internet security they gained as members of an elite technology unit in the Israeli Defense Forces in developing the two products, Fraiman said.

“The founders of many Israeli technology companies, such as Check Point, came out of the same unit,” she said. “Most of the people at Sanctum’s (research) office in Herzeliya were all in the IDF together.”

The company has an impressive customer base. More than 60 Fortune 500 companies have used Sanctum’s software to protect their web servers. The company’s corporate clients include Bank of America, Wells Fargo, Citigroup, AT&T, Sprint, Verizon, Sears, Yahoo and Israel’s El Al Airlines.

“Since Sept 11, any illegal access to data or transactions through our company Web site is viewed by us as a terrorist act,” said David Yaacobi, manager of information systems security at El Al. “With regular attempted attacks to our site, we view our web application security as critical to our overall security plan ensuring the safety of our customers.”

Sanctum is privately held and has received funding from Dell, Gemini Israel Funds, Fidelity Ventures, Mofet Israel Technology Fund, Walden Israel and other corporate and venture capital sources.