Covelight Launches 2.0

Complete application independence. Deployed as a passive network sensor, the traffic capture, SSL decryption, transaction logging and session, and login identification are all performed without any integration into the online application or servers, while maintaining complete transparency to the online users. No agents, cookies, JavaScript, code changes or server log files are required. This non-intrusive approach saves money by eliminating the fraud and risk teams’ reliance on application development or operations to install and maintain the system, because it does not degrade the application performance. Typical deployments can take place in under one hour. And because it cannot be detected by users, the fraudsters can be caught well before they have a chance to change their tactics.

True real-time delivery of data. Covelight FraudProbe™ captures raw application traffic in real-time, transforms it into meaningful events and feeds these events directly into the fraud detection systems – all without intermediate data warehouses or batch-mode transformations. This revolutionary new real-time architecture, dubbed Capture-Transform-Feed (CTF), available exclusively in Covelight FraudProbe™, delivers the fraud data the instant it is available.

Massive data reduction. Data reduction is achievable by filtering out content that is not important to the detection and analytics system. Additional reduction is achievable by formatting only the extracted information. For instance, FraudProbe™ can extract certain HTTP header fields from messages and feed these to the analytics consumer, rather than feeding the entire collection of HTTP headers. This simplifies the job of the detection and analytics systems by reducing the amount of data that must be parsed and analyzed.

Highly configurable data transformation options. During the transformation phase, FraudProbe™ may be configured to parse HTTP and HTML, identify the User and session ID, provide the IP geolocation, identify business-level transactions such as "transfer funds," and extract transaction parameters such as dollar amounts from the HTTP requests and or responses. All of this data can be used to construct an event stream for delivery to a fraud management or CEP system. The key to CTF is in completing the transformation from raw captured data to meaningful business-level events in a single step, in real-time, and for each event independently. This is done without intermediate batching, caching, or databases in order to meet the real-time requirements.

Native support for a variety of output adapters. The transformed event stream is packaged into one or more adapters that integrate directly into one or more fraud management or CEP systems simultaneously. Example formats include JMS message bus, Streambase, SMB flat file stores, configurable TCP stream and direct database insertion.

True enterprises scale. Already proven in very large scale deployments, FraudProbe™ can accommodate extremely high traffic loads individually (500 Mbps) and even greater loads when combined in clusters with the load-balancing cluster controller (multi-Gbps). In addition, FraudProbe™ supports multiple high-availability deployment options, including active-active, active-standby and N+1.

Available in two appliance options. The entry level FraudProbe 1000 is a one rack unit fixed configuration system with two monitoring ports and a single management/output port. For more demanding installations, the three rack unit FraudProbe™ 5000 model includes redundant hardware components, optional SSL acceleration and FIPS-140 compliant key management, and network interface connectivity options.