AWS Startups Blog
Cybersecurity and Amazon Redshift with Namogoo Security
September 8, 2021: Amazon Elasticsearch Service has been renamed to Amazon OpenSearch Service. See details.
This post comes as part of the Startups on Air series; where the Startup Evangelist Mackenzie Kosut, goes around to different startups and learns more about who they are, what they do, and how they utilize AWS.
Founders Chemi Katz and Ohad Greenshpan come from an extensive and broad background in security, eCommerce, and machine learning. After detecting a market opportunity and researching it thoroughly, they built a minimum viable product (MVP) and met key design partners to help bring their vision to fruition in 2014. They welcomed extremely positive feedback from the market, and went on to raise $6M in their first round. From there, they grew the Namogoo team and developed their IP, which is now sold to leading companies worldwide.
Namogoo provides a session firewall technology that protects consumer-facing applications and websites against client-side threats that operate on the application layer. These client-side threats include:
- Digital malware – Code that runs through browser extensions. Malicious software is installed on the end user’s device or hacked WiFi network that the user is connected to. Right after a page is served and during the page rendering, digital malware takes control of the session in order to “inject” content and code and leverage various monetization channels. For example, it can inject competitive products into product pages to drive the user to competitors’ websites, or it can inject advertisements (such as distracting popups, banners, and in-text ads) to monetize through views and clicks.
- Code injection – Client-side threats inject code in order to conduct fraud activity. By using code injection, a hacker can manipulate forms on the site to obtain sensitive information and “listen” to the user’s key strokes, sending the information directly from the session to the hacker’s servers. The hacker also can inject fake phishing surveys into a website to request the data directly from the user’s device.
- Bots – Namogoo protects websites and applications from client-side bots that run on the application layer. These bots are a form of automated traffic that use browsers to conduct their activity.
Namogoo’s technology is based on unique, proprietary IP. It includes strong machine learning, anomaly detection foundations, and reaches extremely high coverage with a zero false-positive rate. Their technology is robust, scalable, and self-learning It works in any environment and language, and it requires no customization or manual involvement. Namogoo provides high-quality analytics and intelligence about any session and device at a SessionID and PageView resolution. This allows for advanced device and threat investigation, along with integration into different analytical tools.
Namogoo currently protects top-tier retailers and eCommerce companies globally across all platforms, brands, and geographies. Namogoo provides a holistic, application-side layer that protects websites and applications against various client-side threats that are not covered today by other solutions.
Technical Recap:
“AWS enables us to focus less on solving problems, but rather on innovation, running faster, providing capabilities, and new technologies”– Ohad Greenshpan, COO/co-founder
Namogoo uses Amazon EC2 and Auto Scaling infrastructure for their servers, but they plan to switch to AWS Lambda and a server-less architecture soon. They store their data in Amazon S3 before moving it over to Amazon Redshift, their big data warehouse, “We are very, very happy with Redshift – we’ve done some interesting work on Redshift with AWS. Something we’re really proud of is the ability to store data for life, and we do it with relatively minimum space.”
From Amazon Redshift, Namogoo aggregates the data using the MySQL engine in Amazon RDS. This gives Namogoo quick access, which provides “a lot of robustness and speed.” Namogoo’s customer success team uses Amazon QuickSight with the RDS database to track user data. Namogoo plans to further integrate with their customers in the future via Amazon QuickSight, with the goal of sharing more data with customers in the future.
Namogoo also uses Amazon OpenSearch Service (successor to Amazon Elasticsearch Service), which allows Namogoo to take advantage of the powerful Amazon OpenSearch Service APIs without having to undertake the undifferentiated heavy lifting of setting up and managing an Amazon OpenSearch Service cluster manually. All of Namogoo’s research, classification, and statistical analysis is done by moving data from Redshift to Amazon OpenSearch Service, and is moved on either a daily or hourly basis, “Amazon enables us to focus less on solving problems, but rather on innovation, running faster, providing capabilities, and new technologies.”
Interested in learning more about Namogoo and their ways of cyber security? Check out their twitter page!