Data Theorem Launches Active Protection Suite with Runtime Defense

Data Theorem Inc., a provider of modern application security, has launched an Active Protection suite including observability and runtime defense, delivering comprehensive security across modern application stacks including API, cloud, mobile, modern web and serverless (Lambda) functions.

Organizations need tools that are purpose built for securing modern application stacks to prevent data breaches. Past-generations of runtime AppSec tools (WAFs, RASPs, EDRs) are unable to address critical areas of modern application stacks such as cloud-native applications.

As an example, serverless applications with APIs, such as AWS Lambda, cannot be secured using traditional web application firewalls (WAFs), runtime application self-protection (RASPs), or endpoint detection and response (EDR) agents.

This is because there are no accessible operating systems for agent installation nor traditional network perimeters with ingress/egress points. Data Theorem delivers runtime defenses and observability across its entire product suite, addressing security gaps in modern application exposures commonly found with cloud-native stacks.

According to Gartner, “Optimal security of cloud-native applications requires an integrated approach that starts in development and extends to runtime protection. SRM (security and risk management) leaders should evaluate emerging cloud-native application protection platforms that provide a complete life cycle approach for security.”

Data Theorem delivers comprehensive full stack security for modern applications that starts at the client layer (mobile and web), protects the network layer (REST and GraphQL APIs), and extends down through the underlying infrastructure (cloud services).

Active Protection is a runtime defense and observability offering. It works across Data Theorem’s product portfolio to help customers enable application-layer security defenses across their application stacks.

The runtime defenses include attack prevention, OWASP Top 10 rules, known malicious sources, policy violations of encryption levels, authentication types, authorization rules and a variety of custom rule checks including preventing Broken Object Level Authorization (BOLA) attacks.

Further, organizations need increased observability (logging, tracing, trending) before enforcing security policies because of the dynamic nature of their modern application stacks. Customers can enable Data Theorem’s Active Protection using their SDKs (software development kits), application extensions (Lambda layers), and AppSec proxy (L7 sidecar proxying).

Data Theorem’s Active Protection suite is available for free for existing customers and included in the price for Data Theorem’s suite of API Secure, Cloud Secure, Mobile Secure and Web Secure solutions. For more information, see