Published on April 7th, 2020
Written by Aanand Krishnan, CEO and Founder of Tala Security


Applications and users are the weakest links in enterprise security. Tala’s innovation
transforms how we approach securing them.

Client-side vulnerabilities are the modern web’s weakest link. They’ve been a critical vector for some of
the biggest data breaches of the past two years, costing millions of dollars in fines and brand damage.
Right now, less than 1% of website operators deploy security policies capable of preventing these
attacks and customer trust on online banking and commerce is at stake.

A key driver of this major vulnerability has been the shift towards more client-heavy web applications -
the backbone of today’s rich web experience. Cross-site scripting (XSS), cross-site request forgery (CSRF),
web injection attacks, document object model (DOM)-based attacks, and many others are the cause of
countless credential theft, fraud, advertisement injection, malware advertisements, traffic re-direction
and large-scale data loss. All of these can take place in the application layer - and existing, traditional
approaches to security are inadequate.

Solving the web application vulnerability problem

At Tala, we’re on a mission to solve this critical security problem, faced by almost every business
worldwide with an online presence. We’re constantly researching, developing and re-defining the way
we address web security. And we’re delighted to share the news of our latest innovation: our patent for
the generation of an Application Information Model based on automated app analysis has been granted.
As detailed in our recent blog post Re-Thinking Application Security, to really protect an asset, you have
to know something about it and how it operates, otherwise you’re flying blind. Our latest innovation has
this concept at the core.

Where existing methodologies to protect applications rely on analysis techniques to identify already-
known vulnerabilities, this blacklist approach is inadequate because it only protects against known
attack vectors and vulnerabilities. Tala’s approach is based on the premise that, to secure an application
properly, you need to know that application. Our patented technique performs both static and dynamic
analysis on code resources and on a running instance of the application. An application information of
the application is generated - and on this basis, the security policies best-suited to protect the
application are determined.


Aanand Krishnan, CEO and Founder of Tala Security

Aanand Krishnan, CEO and Founder of Tala Security

Aanand Krishnan is the CEO and Founder of Tala Security. Prior to Tala, Aanand was most recently a senior director of product management at Symantec where he built Symantec’s first big data security analytics platform and led key strategy projects that helped establish the company’s vision and strategic focus. Aanand spent several years in investment banking at and mergers and acquisitions at Morgan Stanley and Dolby Labs and acted as an adviser to leading security software, semiconductor and clean tech companies. He started his career building high-speed optical networking products at Agilent Technologies. Aanand holds an MBA from Berkeley where he was a recipient of CJ White Fellowship, a Masters in Photonics and Optoelectronics from UC Santa Barbara where he was a QUEST Fellow and a Bachelors in Electrical Engineering with Honors from BITS, Pilani.

Find Aanand on LinkedIn


Sign up for our Newsletter

Hand-picked security content for security professionals.