Silver Tail Blog

Fighting against business logic abuse.

Blogging from RSA Conference 2009

rsa09-logoWe are at the RSA Conference 2009 starting today with a couple of interesting pre-conference events.efraudnetwork

First, the eFraudNetwork meeting was held today where Laura Mather moderated a panel of fraud experts from Bank of America, Yahoo! and Medicare/Medicaid. The panel discussed ideas and best practices for protecting customers – everything from encrypting data, education and awareness, and tracking perpetrators of online crime. The panel was titled, “Protecting Customers: Case Studies from Leading Enterprises.”

The Innovation Sandbox was held highlighting ten (out of 50+) new companies who had creative ideas in the area of security. A good mini-conference to help promote the new, young startups get a little more attention. A couple of interesting companies, in my opinion, include Purewire (SaaS-based protection for enterprise client machines) and Behaviosec (behavior analysis of the user on how they interact with their machine: typing, mouse movements, etc.). The most entertaining was seeing the executives pitch their company in 3 minutes, which the winner, AlertEnterprise, did just that – plus, they had the best visually appealing application – hard to beat 3-D images.

Lastly, the welcome reception was a good way to get started on seeing the expo floor… booth discussions are so much better done over a beer.

Looking forward to tomorrow’s keynotes and Jeremiah Grossman’s Top Ten Web Hacking Techniques of 2008 – usually some good business logic abuse in there!

April 20, 2009 Posted by Sherrick Murdoff | Online Fraud, behavior analysis, business logic abuse | , , | No Comments Yet

Silver Tail launched today!

fireworksNow its official: Silver Tail launched with several announcements today. Though we haven’t been completely silent (thank you for continuing to read our blog), we are now ready to take on the market and aggressively lead the fight against business logic abuse. Building this company and this market is not only fun, but rewarding when you see how our patent pending technology is helping companies reduce online fraud losses, protect their brand and increase customer trust.

I want to take a moment to thank our investors, Leapfrog Ventures, Seraph Group, Startup Capital Ventures and our individual investors. They are very supportive in our quest, well beyond the financial aspect. Their guidance has been critical in our growth!

And of course to our customers, without their demand for our solution and their patience now that its getting installed, we would not have the momentum we have today.

Stay tuned as more exciting announcements are coming…

April 20, 2009 Posted by Sherrick Murdoff | General, Online Fraud, Trust, business logic abuse | , , , | No Comments Yet

2009 RSA Conference – eFraudNetwork

rsaI have the privilege of attending the eFraudNetwork day as part of the 2009 RSA security conference.  Prior to the conference, the eFN people had done a survey on the attacks banks and other websites are seeing.  Most of the data wasn’t surprising: identity theft was a big one.

Something that was surprising, though, was that almost 20% of respondents saw attacks against application logic.  When I saw that question in the survey I was worried that people wouldn’t know how to define application logic attacks.  It was very interesting that people are definitely seeing this type of attack.

While 20% seems small, my hypothesis is that most people are getting hit by this type of attack, but 1) many of them don’t know what they are called and 2) many of them don’t understand yet that their websites are being impacted by this type of attack.

I’ll be anxious to see the results of this study going forward to see how this number changes.

April 20, 2009 Posted by Laura Mather | business logic abuse | , , | No Comments Yet