Cleafy protects online services against advanced attacks from unmanaged endpoints.
Cleafy protects online services against targeted attacks from compromised endpoints without impacting your users and business, by combining deterministic malware detection with passive behavioral and transactional risk analysis. Cleafy’s innovative threat detection and protection technology provides the missing capability of most fraud management solutions: the ability to validate the integrity of the application at all layers and from end to end.
Cleafy’s deterministic malware detection, combined with multi-entity behavioral analysis and cross-session correlation, makes it possible to identify and characterize attack campaigns from the early stages, even if the malware changes over time and different networks of infected endpoints are leveraged. Cleafy’s unmatched predictive threat visibility enables an effective threat prevention process and supports an adaptive threat response approach.
Cleafy reduces online frauds by detecting today’s advanced attacks, improves operational efficiency and deliver higher-quality services without impacting application development & operations, accelerate digital transformation initiatives without compromising security and enables compliance with security requirements and industry regulations (e.g. EBA/PSD2).
- Passive and transparent monitoring: passive monitoring of application traffic with zero touch of application backend infrastructure, no impact on end users or endpoint performance and no changes requiredto application code
- Deterministic malware detection and protection: patented real-time integrity checking at application and communications (API) level, providing and automatic extraction of threat evidence (i.e. malicious web-injects and apps) and deterministic detection of Man-in-the-Browser (MITB), Man-in-the-Middle (MITM), BOT, RAT-in-the-Browser, app overlay, app repackaging and others attack techniques
- Comprehensive fraud management: real-time detection of today’s fraud scenarios, including Account Takeover (ATO) and Automatic Transfer Systems (ATS), thanks to real-time correlation of indicators of compromise (IOCs) from malware detection, user & behavioral and transactional risk analysis
- Open, scalable and cloud-ready: lightweight yet highly scalable architecture supporting continuous monitoring of multiple applications (entire perimeters) and millions of users and sessions per day, supporting supported by an open architecture and comprehensive set of APIs (+150) with proven integrations with Transaction Monitors and SIEMs (e.g. Splunk) with flexible deployment models (including on-premise, over-the-cloud and SaaS).