Software application architectures have undergone a fundamental shift towards client-heavy processing. As applications have become more client-heavy, the threat landscape has shifted towards client-side attacks, such as cross-site scripting (XSS), cross-site request forgery (CSRF), web injection attacks, document object model (DOM) based attacks, and others. Such attacks can lead to credential theft, fraud, advertisement injection, malicious advertisements, traffic redirection, or large-scale data loss, all of which can result in lost revenue and a lower return on investment in advertising and traffic acquisition.
Application-layer attacks are a major problem for the security industry and one of the largest sources of data breaches. They exploit vulnerabilities within an application as well as insecure components and insecure coding practices used in building it. Existing methodologies for protecting an application rely on analysis techniques to identify already-published or known bugs and vulnerabilities, and then either require the application's developers to fix those bugs and remove the vulnerabilities from the application code, or generate virtual patches that can be configured on network firewalls and intrusion prevention systems to block exploitation of those vulnerabilities. This blacklist approach, which attempts to prevent known malicious users, code, or inputs from reaching the application, offers inadequate protection because it only defends against attack vectors and vulnerabilities that have already been discovered.