Cequence Security

Discovery Mode

CQAI is deployed out-of-band using TAP mode or SPAN port to receive application traffic from the customer network.

ML-based automation indicators analyze the traffic to discover publicly exposed application and API endpoints as well as ongoing automated attack campaigns and vulnerability exploits. Threat findings can be exported to an existing security infrastructure solution like a SIEM or a WAF for further analysis and remediation.

Integrations supported: TAP mode, SPAN port.

Defense Mode

Moving from Discovery mode to Defense mode entails the deployment of a lightweight enforcement module inline to the application traffic through network or app server-based integration.

  • Network Integrations supported: Load Balancers, Proxy Servers. Enforcement module is integrated with proxy servers or load balancers via loopback proxy configuration or as a next hop configuration.
  • App Server Integrations supported: App Servers, Service Mesh. Enforcement module is configured as a sidecar helper to the ingress controller of the service mesh or as a sidecar to the app server.

Malicious activity can be remediated using response options that include: block, rate limit, deception or geo-fence.

Data Center or Public Cloud(s)

A key benefit of the container-based architecture is the deployment flexibility it provides, allowing you to implement application security in the appropriate location – close to the data center applications, at the network edge, or in the cloud. Natively supported integrations with existing security and network infrastructure makes efficient use of your existing investment while strengthening your security posture.

Cequence Demployment

Learn more: Cequence Application Security Platform Datasheet | AWS Datasheet | GCP Datasheet

CQ botDefense SaaS

CQ botDefense SaaS integrates with either your existing CDN or as a proxy to support either visibility only mode, or bot defense mode.

Cequence Demployment

CQ botDefense SaaS CDN Integration
Integration with your CDN or load balancer allows you to deploy application security at the network edge, resulting in a reduction in (malicious) traffic hitting your application server infrastructure.

Learn more: Cequence botDefense Saas Datasheet | AWS CloudFront Integration | Fastly Integration | Akamai Integration

 

Cequence Demployment

CQ botDefense SaaS Proxy Integration
Inline deployment allows you to implement bot protection closer to the application servers with no changes required to the network edge. A lightweight module is used to integrate with your proxy where it communicates with CQ AI in the cloud for ML analysis and policy updates.

Learn more: Cequence botDefense SaaS Datasheet