Raven.io Raises $20M in Seed Round Led by UpWest Labs
We are announcing our $20M seed round to fund the next generation of runtime application protection...
Technical insights on runtime security, application protection, and threat detection from the Raven.io engineering team.
We are announcing our $20M seed round to fund the next generation of runtime application protection...
A WAF checks HTTP input at the perimeter. But what if the attack payload enters through one endpoint and executes through another...
Static rules catch known attacks. Behavioral models catch the rest. Here is how Raven.io builds a unique fingerprint for your application...
Three tools, three different vantage points. SAST checks code before deployment. WAF checks traffic at the perimeter. RASP checks behavior inside the process...
Adding runtime protection to containerized workloads requires careful integration with your existing deployment pipeline...
The 169.254.169.254 metadata endpoint is the most exploited target in cloud environments. Here is how SSRF gets there...
Java deserialization vulnerabilities have been known since 2015. They keep appearing because the root cause is architectural...
Every security vendor claims low overhead. Here is how we actually measure it — load testing methodology, p99 latency tracking, and real numbers...
The Log4Shell vulnerability exposed a fundamental gap in perimeter security. JNDI lookup execution from a log message was invisible to every WAF...
URL encoding, double encoding, null bytes, and Unicode normalization all bypass input validation that only checks for literal dot-dot-slash...
Structured security telemetry is only useful if it integrates with your existing detection pipeline. OCSF gives you a schema that works across vendors...
Signature-based detection fails against novel exploits by definition. Behavioral models detect exploitation by what it does, not what it looks like...