informa
/
Attacks/Breaches
News

Covelight Launches 2.0

Covelight Systems announced the availability of Covelight FraudProbe 2.0

CARY, N.C. -- Covelight Systems, the innovator of real-time application-independent online fraud management solutions, today announced the availability of Covelight FraudProbe™ 2.0. FraudProbe is the industry’s first and only online monitoring product family specifically designed to feed actionable real-time data to fraud management systems, without requiring any integration with the online application.

Today’s fraud management solutions suffer from a fundamental problem: they currently have no reliable real-time source of data to detect online fraud. Depending on application server logs or modifications to the application code, these systems are simply unable to detect fraud in real-time –without imposing a significant burden on application resources and personnel. Covelight FraudProbe™ solves this problem by providing application-independent online fraud information to any fraud management or Complex Event Processing (CEP) system – in real time.

FraudProbe™ 2.0 features include:

  • Complete application independence. Deployed as a passive network sensor, the traffic capture, SSL decryption, transaction logging and session, and login identification are all performed without any integration into the online application or servers, while maintaining complete transparency to the online users. No agents, cookies, JavaScript, code changes or server log files are required. This non-intrusive approach saves money by eliminating the fraud and risk teams’ reliance on application development or operations to install and maintain the system, because it does not degrade the application performance. Typical deployments can take place in under one hour. And because it cannot be detected by users, the fraudsters can be caught well before they have a chance to change their tactics.

  • True real-time delivery of data. Covelight FraudProbe™ captures raw application traffic in real-time, transforms it into meaningful events and feeds these events directly into the fraud detection systems – all without intermediate data warehouses or batch-mode transformations. This revolutionary new real-time architecture, dubbed Capture-Transform-Feed (CTF), available exclusively in Covelight FraudProbe™, delivers the fraud data the instant it is available.

  • Massive data reduction. Data reduction is achievable by filtering out content that is not important to the detection and analytics system. Additional reduction is achievable by formatting only the extracted information. For instance, FraudProbe™ can extract certain HTTP header fields from messages and feed these to the analytics consumer, rather than feeding the entire collection of HTTP headers. This simplifies the job of the detection and analytics systems by reducing the amount of data that must be parsed and analyzed.

  • Highly configurable data transformation options. During the transformation phase, FraudProbe™ may be configured to parse HTTP and HTML, identify the User and session ID, provide the IP geolocation, identify business-level transactions such as "transfer funds," and extract transaction parameters such as dollar amounts from the HTTP requests and or responses. All of this data can be used to construct an event stream for delivery to a fraud management or CEP system. The key to CTF is in completing the transformation from raw captured data to meaningful business-level events in a single step, in real-time, and for each event independently. This is done without intermediate batching, caching, or databases in order to meet the real-time requirements.

  • Native support for a variety of output adapters. The transformed event stream is packaged into one or more adapters that integrate directly into one or more fraud management or CEP systems simultaneously. Example formats include JMS message bus, Streambase, SMB flat file stores, configurable TCP stream and direct database insertion.

  • True enterprises scale. Already proven in very large scale deployments, FraudProbe™ can accommodate extremely high traffic loads individually (500 Mbps) and even greater loads when combined in clusters with the load-balancing cluster controller (multi-Gbps). In addition, FraudProbe™ supports multiple high-availability deployment options, including active-active, active-standby and N+1.

  • Available in two appliance options. The entry level FraudProbe 1000 is a one rack unit fixed configuration system with two monitoring ports and a single management/output port. For more demanding installations, the three rack unit FraudProbe™ 5000 model includes redundant hardware components, optional SSL acceleration and FIPS-140 compliant key management, and network interface connectivity options.

“Existing fraud systems are hamstrung by the lack of real-time online data. Because our customers want to install and operate their fraud system without reliance on the application personnel and resources, they are looking for a solution that does not require extensive integration with their applications," said Spencer Snedecor, Covelight’s CEO. "FraudProbe™ was born out of a real-world problem and developed in conjunction with a very large financial institution customer. The time spent successfully deployed in what is arguably one of the world’s most demanding online environments and the feature set of this 2.0 release, is what has us and our other financial institution customers extremely excited.”

Covelight Systems Inc.

Recommended Reading:
Editors' Choice
Kirsten Powell, Senior Manager for Security & Risk Management at Adobe
Joshua Goldfarb, Director of Product Management at F5