Click here to close now.


News Feed Item

Shape Comes Out of Stealth, Launches Product to Reinvent Website Security

After Two Years of R&D, Company Reveals Sophisticated New Technology to Disable the Capability of Malware and Bots to Attack Your Website

MOUNTAIN VIEW, CA -- (Marketwired) -- 01/21/14 -- Shape Security today launched a revolutionary new product to protect websites against the most dangerous cyber attacks. The ShapeShifter™ is a network security appliance that prevents website breaches by immediately disabling the capability of malware, bots and other scripted attacks to interact with your web application.

"For years, attackers have used automated malware to conduct huge numbers of attacks on computer systems quickly and cheaply," said Bob Blakley, director of security innovation at Citigroup. "By taking a technique -- polymorphic code -- out of the attackers' own playbook, Shape turns the cost equation back around in the defender's favor."

The revolutionary technology
The key to being able to block attacks on websites from malware and other scripts is a technique called real-time polymorphism. Malware has long used polymorphism, rewriting its code every time a new machine was infected, to easily evade antivirus detection systems. Shape is now reversing this advantage, using polymorphic code as a powerful new foundational tool for website defense. Shape has invented patent-pending technology to be able to implement real-time polymorphism, or dynamically changing code, on any website, to remove the static elements that botnets and malware depend on for their attacks.

"Modern cybercriminals employ sophisticated attacks that operate at large scale while easily evading detection by security defenses," said Derek Smith, CEO of Shape Security. "The ShapeShifter focuses on deflection, not detection. Rather than guessing about traffic and trying to intercept specific attacks based on signatures or heuristics, we allow websites to simply disable the automation that makes these attacks possible."

When a ShapeShifter protects a website, instead of encountering an application with fixed elements that are trivial to program an attack against, cybercriminals now face the daunting task of making their malware interact with a web application that has become a moving target, constantly rewriting itself. All of this happens transparently, with legitimate users continuing to see the original, unchanged user interface.

"Shape is operating on a previously inaccessible layer of the security problem: the fact that everyone has a user interface, but user interfaces are inherently vulnerable to attacks from malware, bots and scripts," said Robert Lentz, former chief information security officer of the United States Department of Defense and member of the board of directors of FireEye. "By preventing automation against a website's user interface, Shape's technology allows enterprises to block dozens of attack categories, such as account takeover, application DDoS, and Man-in-the-Browser, with a single product. This is not only a powerful new tool for enterprises but a potentially disruptive technology for multiple sectors of the cybersecurity industry."

"The industry has long needed a botwall -- a new tier of your security architecture that blocks attacks from bots, malware and scripts, which are the source or enabler of nearly all breaches," said Ted Schlein, managing partner at Kleiner Perkins Caufield & Byers. "Shape has successfully created the world's first botwall. The Internet badly needs this. This is a game-changing technology."

About Shape
Shape Security is led by a world-class team of former leaders from Google, the Pentagon, VMware, Cisco, Mozilla and Palo Alto Networks. The company has raised $26M in Series A and B funding from Kleiner Perkins Caufield & Byers, Venrock, Google Ventures, Wing Venture Partners, Allegis Capital, Google Executive Chairman Eric Schmidt's TomorrowVentures, and former Symantec CEO Enrique Salem. The company is currently accepting product demo and sales requests at

Media Contact
Christine McKeown
(415) 963-4174x11
Email Contact

More Stories By Marketwired .

Copyright © 2009 Marketwired. All rights reserved. All the news releases provided by Marketwired are copyrighted. Any forms of copying other than an individual user's personal reference without express written permission is prohibited. Further distribution of these materials is strictly forbidden, including but not limited to, posting, emailing, faxing, archiving in a public database, redistributing via a computer network or in a printed form.

Latest Stories
Docker is hot. However, as Docker container use spreads into more mature production pipelines, there can be issues about control of Docker images to ensure they are production-ready. Is a promotion-based model appropriate to control and track the flow of Docker images from development to production? In his session at DevOps Summit, Fred Simon, Co-founder and Chief Architect of JFrog, will demonstrate how to implement a promotion model for Docker images using a binary repository, and then show h...
SYS-CON Events announced today that IBM Cloud Data Services has been named “Bronze Sponsor” of SYS-CON's 17th Cloud Expo, which will take place on November 3–5, 2015, at the Santa Clara Convention Center in Santa Clara, CA. IBM Cloud Data Services offers a portfolio of integrated, best-of-breed cloud data services for developers focused on mobile computing and analytics use cases.
As the world moves towards more DevOps and microservices, application deployment to the cloud ought to become a lot simpler. The microservices architecture, which is the basis of many new age distributed systems such as OpenStack, NetFlix and so on, is at the heart of Cloud Foundry - a complete developer-oriented Platform as a Service (PaaS) that is IaaS agnostic and supports vCloud, OpenStack and AWS. In his session at 17th Cloud Expo, Raghavan "Rags" Srinivas, an Architect/Developer Evangeli...
The Internet of Things (IoT) is growing rapidly by extending current technologies, products and networks. By 2020, Cisco estimates there will be 50 billion connected devices. Gartner has forecast revenues of over $300 billion, just to IoT suppliers. Now is the time to figure out how you’ll make money – not just create innovative products. With hundreds of new products and companies jumping into the IoT fray every month, there’s no shortage of innovation. Despite this, McKinsey/VisionMobile data...
Today air travel is a minefield of delays, hassles and customer disappointment. Airlines struggle to revitalize the experience. GE and M2Mi will demonstrate practical examples of how IoT solutions are helping airlines bring back personalization, reduce trip time and improve reliability. In their session at @ThingsExpo, Shyam Varan Nath, Principal Architect with GE, and Dr. Sarah Cooper, M2Mi's VP Business Development and Engineering, will explore the IoT cloud-based platform technologies driv...
DevOps is here to stay because it works. Most businesses using this methodology are already realizing a wide range of real, measurable benefits as a result of implementing DevOps, including the breakdown of inter-departmental silos, faster delivery of new features and more stable operating environments. To take advantage of the cloud’s improved speed and flexibility, development and operations teams need to work together more closely and productively. In his session at DevOps Summit, Prashanth...
DevOps has often been described in terms of CAMS: Culture, Automation, Measuring, Sharing. While we’ve seen a lot of focus on the “A” and even on the “M”, there are very few examples of why the “C" is equally important in the DevOps equation. In her session at @DevOps Summit, Lori MacVittie, of F5 Networks, will explore HTTP/1 and HTTP/2 along with Microservices to illustrate why a collaborative culture between Dev, Ops, and the Network is critical to ensuring success.
Containers have changed the mind of IT in DevOps. They enable developers to work with dev, test, stage and production environments identically. Containers provide the right abstraction for microservices and many cloud platforms have integrated them into deployment pipelines. DevOps and containers together help companies achieve their business goals faster and more effectively. In his session at DevOps Summit, Ruslan Synytsky, CEO and Co-founder of Jelastic, will review the current landscape of...
In their session at DevOps Summit, Asaf Yigal, co-founder and the VP of Product at, and Tomer Levy, co-founder and CEO of, will explore the entire process that they have undergone – through research, benchmarking, implementation, optimization, and customer success – in developing a processing engine that can handle petabytes of data. They will also discuss the requirements of such an engine in terms of scalability, resilience, security, and availability along with how the archi...
DevOps is gaining traction in the federal government – and for good reasons. Heightened user expectations are pushing IT organizations to accelerate application development and support more innovation. At the same time, budgetary constraints require that agencies find ways to decrease the cost of developing, maintaining, and running applications. IT now faces a daunting task: do more and react faster than ever before – all with fewer resources.
Overgrown applications have given way to modular applications, driven by the need to break larger problems into smaller problems. Similarly large monolithic development processes have been forced to be broken into smaller agile development cycles. Looking at trends in software development, microservices architectures meet the same demands. Additional benefits of microservices architectures are compartmentalization and a limited impact of service failure versus a complete software malfunction....
As a company adopts a DevOps approach to software development, what are key things that both the Dev and Ops side of the business must keep in mind to ensure effective continuous delivery? In his session at DevOps Summit, Mark Hydar, Head of DevOps, Ericsson TV Platforms, will share best practices and provide helpful tips for Ops teams to adopt an open line of communication with the development side of the house to ensure success between the two sides.
The last decade was about virtual machines, but the next one is about containers. Containers enable a service to run on any host at any time. Traditional tools are starting to show cracks because they were not designed for this level of application portability. Now is the time to look at new ways to deploy and manage applications at scale. In his session at @DevOpsSummit, Brian “Redbeard” Harrington, a principal architect at CoreOS, will examine how CoreOS helps teams run in production. Attende...
There will be 20 billion IoT devices connected to the Internet soon. What if we could control these devices with our voice, mind, or gestures? What if we could teach these devices how to talk to each other? What if these devices could learn how to interact with us (and each other) to make our lives better? What if Jarvis was real? How can I gain these super powers? In his session at 17th Cloud Expo, Chris Matthieu, co-founder and CTO of Octoblu, will show you!
Developing software for the Internet of Things (IoT) comes with its own set of challenges. Security, privacy, and unified standards are a few key issues. In addition, each IoT product is comprised of at least three separate application components: the software embedded in the device, the backend big-data service, and the mobile application for the end user's controls. Each component is developed by a different team, using different technologies and practices, and deployed to a different stack/...