Protecting web users from direct attacks like crypto-jacking — an interview with Tala Security CEO and co-founder, Aanand Krishnan
If you were at RSA’s Innovation Sandbox this year, you may have seen Aanand and his team from Tala Security. They were demonstrating how their technology protects attacks against web browsers from being leveraged to steal data from secure web sites. Gula Tech Adventures invested in Tala Security last year as part of our focused on web security. As is tradition with many of our portfolio companies, I was able to catch up with Aanand and ask him interview questions.
What class of web attacks does Tala Security help prevent?
Tala protects against attacks that can happen either via a compromise on a website, any of the third parties that are integrated into the site, or even a compromised user. We target cross-site scripting, clickjacking, various types of code injection and man-in-the-browser attacks. We also have unique solutions for third-party compromises, and new and emerging threats like crypto-jacking.
I run Tala Security on www.gula.tech and detected a visitor to the web site that had a variety of issues in their browser as you can see in the below screen shots. If I was running an ecommerce site or was offering secured private content, how could these security issues be leveraged?
Example real-world detection of visitors to www.gula.tech that had client-side web security issues
With Tala, your app sec team, your web security team or fraud teams can actually monitor attacks against all their web users, PC and mobile, in real-time. So if you’re an eCommerce company, this means that you can identify if your user experience is being attacked with malicious ads, competitors ads, link redirects etc. If you’re a bank, you can identify financial trojan attacks, or crypto-jacking attempts against your users and use that to adjust your risk metrics, enforce additional authentication measures etc.
What are the requirements of running Tala Security? Do I need to operate my own web server?
Tala integrates seamlessly with your web server, load balancer or reverse proxy. We support all major technologies.
Where can users go to learn more?
There’s more information on our website at www.talasecurity.io. You can also request a demo via our site to see how Tala can help protect your websites and web apps.