Cequence Security Expands Its Security Platform with CQ appFirewall

New security module leverages the platform’s CQAI analytics engine to bring much-needed innovation unavailable in legacy web application firewalls

  • Jun 05, 2019

Cequence Security, a provider of innovative application security solutions for today’s hyper-connected enterprises, today announced it has expanded the capabilities of its Application Security Platform with a new security module - CQ appFirewall. This new module will leverage the intelligence of CQAI, the patented analytics engine within the platform, to automatically detect and defend against attacks that exploit known and unknown application vulnerabilities – and even eliminate the need for WAF signatures.

The Cequence Application Security Platform, originally launched in November 2018 with CQ botDefense, leverages the application intelligence generated by CQAI to detect and defend against automated attacks that appear to be legitimate as they target the application business logic itself. CQ appFirewall takes full advantage of the same application intelligence to provide non-stop security, even with continuous application updates and modifications by DevOps teams. CQ appFirewall will complement CQ botDefense to deliver comprehensive application security that is effectively “baked in” to the web, mobile, and API-based application tier.

“We actually solved the hardest security problem first, stopping malicious bot attacks with our initial module, CQ botDefense,” said Ameya Talwalkar, Chief Product Officer and co-founder of Cequence Security. “With CQ appFirewall, we have significantly extended the platform’s value with innovations that overcome the inherent security limitations of traditional WAFs. When customers deploy both security modules, the platform will not only prevent attacks targeting their web, mobile, and API-based applications, it will also help eliminate unwanted application traffic on their network.”

CQ appFirewall includes support for OWASP Top 10 and PCI DSS Section 6.6, which address basic vulnerability protection and compliance requirements that customers expect from their WAF. But the new Cequence Security module goes well beyond that with several important innovations:

  • Discover - Automatic discovery of all web, mobile, and API-based applications that could be targeted with targeted attacks that exploit application vulnerabilities. This eliminates the need to continually monitor and update traditional application and threat signatures. In addition, it provides discovery and lockdown of misconfigured applications that should not be exposed to the Internet.
  • Detect – Leverages the multi-dimensional analysis of CQAI to fully understand normal application transaction, also known as syntactic behavior, and creates a unique profile between external clients and the customer’s web, mobile, and API-based applications. Any abnormal transactions – including those targeting zero-day vulnerabilities – are automatically detected and blocked, without the need to create a new WAF signature.
  • Defend – In addition to block and alert as response options, CQ appFirewall allows customers to defend against attacks using rate-limiting, geo-fencing, and deception techniques that convinces the bad actor the attack was successful, when in fact it wasn’t.

The need for these advanced features was recently validated in a report Cequence Security published with Ponemon Institue and based on data collected from WAF users in nearly 600 US organizations. “The research clearly reveals WAF dissatisfaction in three areas,” said Dr. Larry Ponemon, chairman and founder of Ponemon Institute. “First, organizations are frustrated that so many attacks are bypassing their WAFs and compromising business-critical applications. In addition, they’re experiencing the pain of continuous, time-consuming WAF configuration and administration tasks. Lastly, they’re dealing with significant annual costs associated with WAF ownership and staffing.”

“We’ve definitely addressed the security concerns raised in that report,” said Shreyans Mehta, CTO and co-founder of Cequence Security. “In addition, by combining AI-driven bot defense and application firewall capabilities within the same platform and a single pane of glass for management, we’re enabling our customers to reduce architectural complexity and improve staff productivity. And the open architecture of the platform makes it easy to share relevant data with other security tools, such as SIEMs or anti-fraud systems.”

A recent report from Gartner states: “Considering the range of exploits and abuse that can occur with web and mobile applications and web APIs, technical professionals must leverage a mix of externalized security controls to deliver appropriate protection and alleviate burdens to development staff.” (Report available to Gartner subscribers: Protecting Web Applications and APIs From Exploits and Abuse, Frank Catucci, Michael Isbitski and Ramon Krikken, April 24, 2019)

Pricing and Availability

The CQ appFirewall solution includes the underlying platform, CQAI analytics engine, CQ Insight management application, and CQ Connect for sharing information. The annual subscription price is based on the number of transactions processed by the solution, which can vary significantly by customer. Controlled release and beta testing begin next month, with general availability in Q4 2019. Please contact Cequence Security for more details.

Featured

  • Report: 47 Percent of Security Service Providers Are Not Yet Using AI or Automation Tools

    Trackforce, a provider of security workforce management platforms, today announced the launch of its 2025 Physical Security Operations Benchmark Report, an industry-first study that benchmarks both private security service providers and corporate security teams side by side. Based on a survey of over 300 security professionals across the globe, the report provides a comprehensive look at the state of physical security operations. Read Now

    • Guard Services

  • Identity Governance at the Crossroads of Complexity and Scale

    Modern enterprises are grappling with an increasing number of identities, both human and machine, across an ever-growing number of systems. They must also deal with increased operational demands, including faster onboarding, more scalable models, and tighter security enforcement. Navigating these ever-growing challenges with speed and accuracy requires a new approach to identity governance that is built for the future enterprise. Read Now

  • Eagle Eye Networks Launches AI Camera Gun Detection

    Eagle Eye Networks, a provider of cloud video surveillance, recently introduced Eagle Eye Gun Detection, a new layer of protection for schools and businesses that works with existing security cameras and infrastructure. Eagle Eye Networks is the first to build gun detection into its platform. Read Now

  • Report: AI is Supercharging Old-School Cybercriminal Tactics

    AI isn’t just transforming how we work. It’s reshaping how cybercriminals attack, with threat actors exploiting AI to mass produce malicious code loaders, steal browser credentials and accelerate cloud attacks, according to a new report from Elastic. Read Now

  • Pragmatism, Productivity, and the Push for Accountability in 2025-2026

    Every year, the security industry debates whether artificial intelligence is a disruption, an enabler, or a distraction. By 2025, that conversation matured, where AI became a working dimension in physical identity and access management (PIAM) programs. Observations from 2025 highlight this turning point in AI’s role in access control and define how security leaders are being distinguished based on how they apply it. Read Now

Most   Popular

New Products

  • ResponderLink

    ResponderLink

    Shooter Detection Systems (SDS), an Alarm.com company and a global leader in gunshot detection solutions, has introduced ResponderLink, a groundbreaking new 911 notification service for gunshot events. ResponderLink completes the circle from detection to 911 notification to first responder awareness, giving law enforcement enhanced situational intelligence they urgently need to save lives. Integrating SDS’s proven gunshot detection system with Noonlight’s SendPolice platform, ResponderLink is the first solution to automatically deliver real-time gunshot detection data to 911 call centers and first responders. When shots are detected, the 911 dispatching center, also known as the Public Safety Answering Point or PSAP, is contacted based on the gunfire location, enabling faster initiation of life-saving emergency protocols.

  • PE80 Series

    PE80 Series by SARGENT / ED4000/PED5000 Series by Corbin Russwin

    ASSA ABLOY, a global leader in access solutions, has announced the launch of two next generation exit devices from long-standing leaders in the premium exit device market: the PE80 Series by SARGENT and the PED4000/PED5000 Series by Corbin Russwin. These new exit devices boast industry-first features that are specifically designed to provide enhanced safety, security and convenience, setting new standards for exit solutions. The SARGENT PE80 and Corbin Russwin PED4000/PED5000 Series exit devices are engineered to meet the ever-evolving needs of modern buildings. Featuring the high strength, security and durability that ASSA ABLOY is known for, the new exit devices deliver several innovative, industry-first features in addition to elegant design finishes for every opening.

  • AC Nio

    AC Nio

    Aiphone, a leading international manufacturer of intercom, access control, and emergency communication products, has introduced the AC Nio, its access control management software, an important addition to its new line of access control solutions.