Detection and Response for Applications

Many Reasons to be Thankful

‍

Today marks a special milestone for Miggo as we officially emerge from stealth and meet the world. None of this would have been possible without our incredible partners who believed in us before we even took our first step–thank you so much to YL Ventures, Cyber Club London (CCL), Runtime Ventures and our inspiring group of angels. Most importantly, I’d like to thank the amazing team that is Miggo. With a grand vision and a lot of passion, we put together a Super Bowl-worthy team that has proven extraordinary both on and off the field.

‍

‍

I’d like to take this opportunity to share how Miggo came to be.

‍

‍

The Beginning of the Road

‍

I was lucky to meet Itai Goldman, Miggo’s CTO and Co-Founder  early in my career. Serving together in Unit 8200’s cyber sector, we were eager to solve meaningful problems  that would make a real difference. Throughout the years since, we’ve seen the world of development undergo a fundamental transition. Applications today are made up of more and more services and are developed in a distributed manner. We realized that the modern applications architecture introduces new challenges to application security that are not being sufficiently addressed today.

‍

Things Look Different from the Inside

‍

Today’s applications are distributed and decentralized, comprising various services that communicate based on mutual trust, often referred to as the "chain of trust." Attackers have evolved beyond exploiting vulnerabilities; they now exploit the application's inherent behavior by manipulating chains of trust. For instance, attackers can bypass authentication mechanisms built into the application, impersonating legitimate entities to gain unauthorized access. These tactics were evident in the biggest breaches of 2023, such as MOVEit, Microsoft Sharepoint, Ivanti Gateway and GoAnywhere’s breaches, underscoring the widespread criticality of this ongoing security gap.

‍

We realized that in order to adequately defend against the threats to the structure of modern applications, a new approach is required. To be able to detect malicious behavior, it is critical to see and understand the interactions that take place between the various services. Such information can only be accessed from within the application. Information pulled from the outside is not able to provide a clear enough picture of application behaviors to inform a sufficiently good resolution.

‍

‍

The Emergence of Miggo’s ADR Platform

‍

In accordance with the evolution of attackers' techniques, we need to evolve and introduce a proactive approach to protecting our applications. We took inspiration from how other layers of enterprise security stacks have evolved, and realized how a deeper, context-driven and proactive approach akin to EDR and NDR could be the missing, transformative approach AppSec needs. Determined to bring a similar level of visibility and understanding to the application layer, we envisioned a solution that could map, baseline and contextualize the intricate interactions between application components to proactively identify and mitigate threats. The more we’ve worked on this, the more Application Detection and Response (ADR) felt like the only natural next step for AppSec.

‍

Miggo’s Application Detection and Response platform is the first tool to look inside distributed applications while they run for security, understand execution flows, authentication mechanisms, and data exposure, monitor drifts in architecture, and spot when things are out of the ordinary. Like EDR, Miggo would allow you to identify an exploitable path before an incident, but it would also allow you to detect an exploitation attempt and mitigate it before escalating into a breach.

‍

This is not to suggest that we should replace shift-left strategies, as growing security awareness among developers is crucial for protecting applications. However, there is a pressing need to empower AppSec managers with tools that enable the security organization to both prevent breaches and also proactively detect and mitigate exploitations as they occur. Essentially, detection and response for application during runtime.

‍

Paving the Way for ADR

‍

We’re looking ahead with the utmost excitement. We’re already working with our partners and customers to adopt better and more proactive AppSec strategies. If you’d like to see Miggo in action, please consider joining our upcoming webinar, where we’ll conduct a live hacking and explain the risk associated with the manipulation of distributed applications.

‍