Lori McVittie of F5 had an interesting post on how the next level of web application security should look at “context”. I completely agree and enjoy seeing more people shine a light on taking web security to the next level. Context gives you the next level of information to help you make more accurate – and better informed – decisions about what is happening on your website.

What Lori said is exactly right – the key is not only understanding the current user’s session and whether that user is doing something abnormal, or even suspicious, but also understanding that user’s session in context with all other users’ sessions. Does the current session look normal or abnormal compared to all other users of the website? This is the exactly the holistic context websites need to look at.

Though I agree with most of Lori’s post, she is “almost right” about today’s technology as she writes:

The problem with technology, and web applications in general, is that you can’t see the user. Worse, you can’t even really see the entire context of his interactions with the web application because very few security implementations have the capability to evaluate user behavior (interaction with the application) as a holistic experience. Web application security solutions today simply can’t tell what’s normal behavior across the application.

Believe it or not, there are ways you can see the user. You really can get this type of holistic context today. It’s true that it takes some fairly powerful algorithms, but it is possible to get this context without a ton of compute power and in a meaningful way. That’s exactly what we’re working on at Silver Tail – bringing websites the holistic context they need to make better decisions about website events. We even go a step further – giving you the tools you need to take action against the bad events without impacting the legitimate users. Its working today and its an exciting new technique in the fight against online fraud and, specifically, business logic abuse.

Special thanks to Lori for raising awareness on this issue. I welcome your feedback and input…