This document summarizes key findings from Radware's 2012 Global Security Report. It discusses rising DDoS attack frequencies, durations, and costs to organizations. While organizations invest in security, most efforts are before and after attacks, not during. As a result, attackers are able to evade defenses by prolonging attacks and varying techniques. The document also examines recent large-scale DDoS attacks against US banks and how attackers exploited network vulnerabilities. It recommends organizations acquire capabilities to sustain long, complex attacks by deploying on-premise and cloud-based mitigation solutions and carefully planning network architectures.
Out With the Old, In With the New – Reinvent and Justify Your 2013 Security S... | Skybox Security
1) The document discusses the challenges facing CISOs in 2013, including the need to identify and mitigate risks, ensure effective controls, and communicate risks in business terms.
2) It presents Skybox Security as a leader in proactive security risk management through predictive risk analytics and continuous, scalable operations across diverse customers and industries.
3) The CEO argues that traditional vulnerability management, SIEM, and GRC tools are insufficient for continuous and effective security risk management. Skybox proposes an integrated approach using modeling, simulation, and risk analytics to provide improved visibility, security, and performance.
Website attacks continue to prevail despite the best efforts of enterprises to fight them. Websites are an ongoing business concern and security must be assured all the time, not just at a point in time. And yet, most websites were exposed to at least one serious vulnerability every day of 2010, leaving valuable corporate and customer data at risk. Why?
In this report, Jeremiah will explore a new way to measure website security, Windows of Exposure, that tracks an organization’s current and historical website security posture. Window of Exposure is a useful combination of vulnerability prevalence, how long vulnerabilities take to get fixed, and the percentage of them that are remediated. By carefully tracking these metrics, an organization can determine where resources would be best invested.
Using data from WhiteHat’s 11th Website Security Statistics Report, based on assessments of over 3,000 websites, Grossman will reveal the most secure (and insecure) vertical markets and the Windows of Exposure of each. Find out how your industry ranks, and the top ten vulnerabilities plaguing your peers. Learn how to determine which metrics are critical to increasing their remediation rates, thereby limiting their Window of Exposure. The good news is that companies that take this approach are increasing remediation rates by 5 percent per year.
This document discusses Lumension and changes in endpoint protection. It notes the growing problems of cyber attacks and risks from mobile devices and applications. Lumension's approach provides application control and a dynamic trust engine to validate trust while accommodating change. The challenges of endpoint management around security, visibility and integration are discussed. Lumension Endpoint Management and Security Suite (LEMSS) aims to provide effective endpoint security through features like anti-virus, patch management, application control and device control from a single console.
Not my bug! Reasons for software bug report reassignments | Thomas Zimmermann
This document discusses reasons for software bug report reassignments in Microsoft products. Through qualitative surveys and analysis of bug reports for Windows Vista, it identifies the top reasons for reassignments as determining the root cause, unclear ownership between teams, poor bug report quality, determining the proper fix, and workload balancing. It also finds that bug reports with reassignment cycles at the beginning are more likely to be fixed, while cycles at the end indicate risk of the bug not being addressed. The lessons learned point to making the bug fixing process more collaborative, fluid and coordinated.
The document provides tips on using "Jedi mind tricks" to build successful application security programs. It discusses speaking the business language to gain executive buy-in, translating technical risks like vulnerabilities into monetary risks, and deriving an organization's expected monetary loss from applications risks. It also recommends getting the right stakeholders involved early, doing a security assessment to demonstrate real risks, and integrating the program into the SDLC and other processes.
Damballa automated breach defense june 2014 | Ricardo Resnik
This document discusses the need for advanced threat protection and containment solutions due to the high percentage of cyber attacks that go undetected for months. It notes that traditional prevention-focused security approaches are no longer sufficient. The document then highlights statistics on the financial and resource costs of cyber attacks. It introduces Damballa's automated breach defense platform, which uses behavioral analytics to automatically identify active threats, regardless of prior knowledge. The platform aims to enable a breach resistant organization. The document concludes by presenting several customer case studies where Damballa helped reduce costs, detection times, and improve visibility and response.
This presentation features the Risk Analysis Module of the Social Enterprise Learning Toolkit developed by Enterprising Non-Profits. The Toolkit offers a number of different learning modules and can be found on the enp website at www.enterprisingnonprofits.ca
Business Driven Security Securing the Smarter Planet pcty_020710_rev | Shanker Sareen
This document discusses security challenges faced by business leaders and IBM's solutions to address them. It outlines typical security concerns like data security, identity management, and compliance issues. It then discusses the rising costs and complexity of security as threats increase. IBM promotes a strategy of foundational security controls that balance effectiveness, cost, and business needs to make security an enabler of innovation and change rather than a hindrance.
Dennis Chaupis presented on vulnerability management programs. He explained that a VMP involves more than just vulnerability assessments and penetration testing, including asset management, patch management, infrastructure builds, technology intake processes, secure software development, threat intelligence, endpoint security, and defining an organization's risk appetite. A VMP relies on other security processes and aims to formalize how they work together. Key roles in a VMP include the CISO overseeing the program while working with the CIO, CRO, and chief auditor. Important outputs of a VMP are security metrics and reporting that show an organization's vulnerability status.
These slides - based on the webinar featuring David Monahan, research director for security and risk management at leading IT analyst firm Enterprise Management Associates (EMA), and David Cramer, vice president of product management for Data Center Automation and Cloud at BMC - reveal key data on data breaches.
View these slides to:
- Understand the risks of the misalignment between security and operations
- Learn what tools and technology are available to help bridge the gap between security and operations
- Build your game plan to help your organization bridge the gap
This document discusses the importance of disaster recovery and business continuity planning. It outlines common causes of downtime like power failures, hardware/software issues, and natural disasters. The document recommends a 360-degree approach with five essentials: physical diversity, network availability, data archiving, data replication, and application failover. This comprehensive plan can help businesses reduce costs and legal exposure while ensuring continuity of operations and customer satisfaction. American Internet Services offers tools and services to help companies establish remote sites and infrastructure for disaster recovery.
The document discusses Damballa's advanced threat protection and detection capabilities. It highlights that Damballa can discover hidden threats that have gone undetected, terminate criminal communications to reduce risk, and provide the earliest detection of emerging threats. It explains that Damballa shifts the focus from protection to active threat monitoring and detection using advanced threat intelligence and machine learning to identify hidden infections on networks and endpoints. Damballa provides appliances and solutions that pinpoint compromised assets and criminal activity through network monitoring and host forensics.
SecurityBSides London - Jedi mind tricks for building application security pr... | Security Ninja
The document discusses using business language and metrics to gain executive support for application security programs. It recommends translating technical security risks into monetary costs by estimating the organization's vulnerabilities, potential breach costs based on past incidents, and likelihood of threats occurring based on industry data. This allows expressing security risks in terms executives understand like potential financial losses.
According to a survey of 1,100 IT service providers, ransomware attacks have become increasingly common and frequent for small businesses. The majority of IT professionals report that ransomware incidents have increased in the last year, with over 40% experiencing 6 or more attacks against clients. CryptoLocker is the most prevalent ransomware variant affecting small businesses. While anti-virus software is commonly in place, ransomware has evolved to outsmart many existing defenses. The top recommendation from IT professionals is implementing backup and disaster recovery solutions to enable recovery from ransomware attacks.
Maximize Computer Security With Limited Ressources | Secunia
Presentation from Stefan Frei on how patches are an effective method to escape the arms race with cybercriminals. The majority of vulnerabilities have patches ready on the day of disclosure, which means that the right patch strategy is evident to maximize risk reduction.
Cyber Warfare is now a reality. The game changer was Stuxnet, followed by Flame, Duqu and Gauss. And these weren’t created overnight. F-Secure Labs estimates that it took more than 10 man years to develop Stuxnet, and even more time and resources to create Duqu and Flame.
Issa Charlotte 2009 Patching Your Users | Mike Murray
This document discusses how social engineering threats have replaced direct technical vulnerabilities as the main security risk, due to improvements in operating system security. It argues that traditional security awareness training does not effectively change user behavior because it is treated as mandatory training rather than persuasive marketing. The document advocates applying marketing principles to security awareness, including defining goals, measuring baseline user knowledge, developing an integrated marketing campaign using various communication channels, and re-measuring to evaluate impact and guide iterative improvement of the campaign. A case study example shows how these principles could be applied to a goal of improving password strength.
The document discusses the importance of conducting risk assessments and implementing countermeasures to protect critical data and assets from threats. It outlines the key steps in risk assessment including identifying assets, threats, vulnerabilities, and risks. Outsourcing critical data to a managed service provider that locates data in secure environments is presented as an effective countermeasure that can minimize risks by placing security in the hands of security professionals and ensuring constant monitoring and uninterrupted access. The document advocates for regular risk assessments and risk management to account for changing threats over time.
Symantec's Internet Security Threat Report, Volume 18 revealed a 42 percent surge during 2012 in targeted attacks compared to the prior year. Designed to steal intellectual property, these targeted cyberespionage attacks are increasingly hitting the manufacturing sector as well as small businesses, which are the target of 31 percent of these attacks. Small businesses are attractive targets themselves and a way in to ultimately reach larger companies via “watering hole” techniques. In addition, consumers remain vulnerable to ransomware and mobile threats, particularly on the Android platform.
TM Forum Fraud Management Group Activities - Presented at TM Forum's Manageme... | cVidya Networks
Tal Eisner, Senior Director Product Strategy at cVidya and Deputy Chair of the TM Forum Fraud Management Group, presented at TM Forum's Management World 2012 in Dublin on the Fraud Management Group Activities
In its sixth annual Symantec Disaster Recovery Study, Symantec found that organizations are struggling to manage disparate virtual, physical and cloud resources due to added complexity in protecting and recovering mission critical applications and data within those environments. Not only are virtual and cloud systems often not properly protected, but the study reveals a gap in downtime expectations and reality.
Using ThreadFix to Manage Application Vulnerabilities | Denim Group
ThreadFix is an open source software vulnerability aggregation and management system that reduces the time it takes to fix software vulnerabilities. It imports the results from dynamic, static and manual testing to provide a centralized view of software security defects across development teams and applications. The system allows organizations to correlate testing results and streamline software remediation efforts by simplifying feeds to software issue trackers. This presentation will walk through the major functionality in ThreadFix and describe several common use cases such as merging the results of multiple open source and commercial scanning tools and services. It will also demonstrate how ThreadFix can be used to track the results of scanning over time and gauge the effectiveness of different scanning techniques and technologies. Finally it will provide examples of how tracking assurance activities across an organization’s application portfolio can help the organization optimize remediation activities to best address risks associated with vulnerable software.
1) Progressive has won two new projects, one with NEC HCL to design and implement a new network infrastructure using Cisco products, and another with Ericsson for Bharti Airtel to implement and support HP servers and storage across eight locations.
2) The company has hired two new directors, Anil Zuitshi for enterprise sales and Sheeba Hasnain for business development in the Middle East.
3) The article discusses the importance of network security and outlines some key strategies for securing a network including implementing firewalls, routers, switches and other security equipment as well as creating access policies and using security tools.
The survey found that:
- 82% of organizations experienced at least one online attack or threat in the last year, with the average company experiencing three types.
- While ransomware was less common, it had the highest severity of impact. Browser vulnerabilities were identified as the biggest challenge to endpoint security.
- The most common impacts of attacks were increased help desk workload and reduced employee productivity. Most organizations now use multiple endpoint security solutions due to the ineffectiveness of traditional antivirus against advanced malware.
Companies preparing to migrate their systems over to Windows 7 – or even just considering a migration – can benefit from learning from the IT teams who have been there and done that. Symantec conducted a survey of more than 1,300 IT managers across the globe to help to determine best, and worst, practices that will help make future Windows 7 migrations successful. For example, the survey found that a sound migration plan and an integrated, automated solution are key ingredients of a successful migration to Windows 7.
How to Increase Performance and Virtualization Efficiency with Emulex 16Gb FC... | Emulex Corporation
Join Barbara Porter from Emulex, with Bob Laliberte, senior analyst, and Tony Palmer, senior engineer/analyst, at ESG, for an in-depth analysis of 16Gb Fibre Channel (16GFC) and an overview of the results of an ESG Lab Validation of Emulex’s high performance, low latency 16GFC adapters, built for highly virtualized environments.
Microsoft Power Point Information Security And Risk Management v2 - Graeme Payne
This presentation discusses current and emerging issues in information security based on global trends. It reviews how leading organizations are addressing ongoing security challenges through examples of best practices. These include considering security as a business risk and part of the overall business strategy. Effective practices involve identifying critical information assets, assigning ownership, and implementing controls. Additionally, integrating security into enterprise architecture and outsourcing some functions can help organizations manage security risks.
This document discusses current trends in business continuity management. It notes that effective BCM is rising in importance for corporations due to increased complexity, tighter margins for error, and higher expectations for resilience and recovery times after disruptions. Leading trends that companies are adopting to improve their ability to manage emergencies and minimize impacts include implementing an enterprise-wide BCM framework and governance model, integrating business impact analysis and risk assessments, leveraging technologies like cloud computing and virtualization, and fully understanding application interdependencies for recovery.
How Mature is Your Data Protection? 3 Steps to Effective Data Security. - Lumension
This document discusses the results of a survey on data protection maturity. The survey looked at administrative controls, technical controls, and organizational motivation. It found that while most organizations have some policies, enforcement of policies through technical controls is still developing. For example, many have employee agreements on confidentiality but fewer technically enforce controls like encryption. The presentation introduces a model of data protection maturity with levels from ad hoc to optimal practices. It aims to help organizations understand their current state and improve processes.
The Cloud and Mobility Pivot - How MSPs can retool for the next 5 years - Jay McBain
The Managed Services model continues to grow and evolve. This presentation makes the case for building a cloud and mobility practice on top of the recurring revenue MSP model to drive success over the next 5 years. Supported by data from CompTIA, the cloud and mobility opportunity is very real in all customers segments and industries. The Channel is well positioned to take advantage of the consulting, policy and compliance services as well as the ongoing management and infrastructure needs of this emerging opportunity.
The Relationship Between Development Problems and Use of Software Engineering... - SoftwarePractice
The document reports on two surveys of computational science and engineering (CSE) developers regarding their use of software engineering practices and experiences with common development problems. The surveys found that while most developers believe they have sufficient knowledge of software engineering, they experience frequent issues like rework, performance problems, and regression errors. Production developers view problems as more severe and use software engineering practices more than researchers. Many practices have not been widely adopted in CSE due to lack of knowledge about how to apply them.
cPrime's latest Agile Meetup discussion will center around methods for how to monitor and validate the performance of agile.
Many firms that have been doing agile cannot determine how or if it has had an impact on the company. Agile expert Jeff Howey will discuss ways to evaluate agile performance. Join our webinar to learn how to identify the benefits of agile and uncover the differences between companies that exhibit "agile-like" behavior and highly functioning teams.
- The document summarizes the findings of a survey that found many organizations are ill-prepared to respond to cyberattacks due to a lack of incident response plans, reliance on manual processes, infrequent patching, and other issues.
- While IT managers understand cybersecurity risks, over half do not have an incident response plan and 55% rely on manual processes to respond to attacks. Only a quarter apply patches weekly.
- Managed service providers (MSPs) generally have stronger security practices than in-house IT managers, including more frequent patching, remote access to security tools, and documented response plans. However, MSPs also fear business shutdown from an attack.
- The document recommends organizations prioritize patching, invest
The document summarizes the findings of a study conducted by Ponemon Institute on cloud security and firewall risks. The key findings are:
1) Most organizations' cloud servers are vulnerable, as 54% of IT personnel have little knowledge of open firewall port risks and 67% said they are vulnerable today.
2) Securing access to cloud servers and generating security reports is difficult, as 79% struggle to manage access and reporting.
3) Cloud security is widely seen as important but poorly managed currently, with only 9% rating their security as excellent and 42% unaware if their cloud was hacked due to open ports.
Data growth-protection-trends-research-results - Accenture
This document summarizes the results of a survey about data growth and protection trends sponsored by Symform and StorageCraft. Nearly 600 respondents representing small, medium, and large enterprises completed the survey. The top findings include that cloud utilization for backup is increasing, with nearly 40% using the cloud. Cost and restore failures are the biggest challenges. Satisfaction varies by industry and company size. Most expect significant annual data growth of 10-40% and are backing up critical data weekly, though nearly 20% still lack secondary backup.
Secure Cloud Hosting: Real Requirements to Protect your Data - Armor
FireHost's Senior Security Engineer will discuss the need for acute awareness to secure data in the Cloud, and how the advancement of the environment has also accelerated the way this technology can be breached. The session will also include case studies on attacks and what you need to be asking yourself and your provider.
Survey on the Impact of BYOD on Enterprise Security - AirTight Networks
A survey of 316 respondents found that most enterprises allow personal smart devices but have concerns about security and enforcing policies. While many see BYOD trends positively, most are concerned about data security on devices and employees bypassing network policies. Over half of respondents plan to invest in security solutions to address BYOD challenges in the next year.
Similar to Attackers Vs. Defenders: Restoring the Equilibrium (20)
Cyber Security Through the Eyes of the C-Suite (Infographic) - Radware
The document summarizes the findings of a survey of 200 IT executives in the US and UK about how their companies are responding to ransom-based cyber attacks. It reports that UK executives are less willing to pay ransoms than US executives, with only 9% of UK executives saying they would pay versus 23% in the US. Over half of UK businesses have invited or are open to inviting hackers to assess their cyber security. On average, ransoms demanded of UK companies are higher at £22,000 compared to $7,500 in the US. Executives who have not experienced an attack are less likely to say they would pay a ransom compared to those who have already been attacked.
What’s the Cost of a Cyber Attack (Infographic) - Radware
How much does a cyber-attack actually cost an organization in hard dollars? What are the potential business impacts? This infographic answers these questions and more via two surveys Radware recently conducted of IT professionals.
DDoS Threat Landscape - Ron Winward CHINOG16 - Radware
- DDoS attacks continue to grow in complexity and now utilize multi-vector attacks across all layers of the infrastructure. The top failure points for networks are internet pipe saturation and stateful firewalls.
- Common attack types include UDP, ICMP, reflection attacks, TCP weaknesses like SYN floods, low and slow attacks like Slowloris, and encrypted attacks such as HTTPS floods. Anonymous hacking tools enable these attacks.
- Successful mitigation of DDoS attacks requires proactive preparation across the network, including a hybrid solution of on-premise and cloud-based detection and mitigation, emergency response planning, and a single point of contact during attacks.
Radware provides cloud-based web application firewall (WAF) and distributed denial of service (DDoS) protection services to help organizations address evolving security threats. The services use Radware's security technologies and are fully managed by Radware security experts. The WAF service provides continuously adaptive protection against known and unknown attacks. The DDoS service offers over 2Tbps of mitigation capacity and has protected organizations from large multi-vector DDoS campaigns. Both services are designed to provide strong security with minimal management requirements.
The enterprise perimeter is disappearing. Migration to the cloud means a more distributed network infrastructure. Transition of web based applications to the cloud renders on premise mitigation tools ineffective against web attacks and requires organizations to protect applications both on premise and in-the-cloud.
Introducing Radware's Hybrid Cloud WAF Service - a fully-managed, always on service that integrates cloud-based with on premise protection against a broad range of attack vectors.
Visit here http://www.radware.com/social/hybridcloudwaf/ to read "The Dawn of Hybrid Cloud WAF" and to learn how the industry's first hybrid cloud-based WAF service addresses today's most challenging web-based cyber-attacks.
The Expanding Role and Importance of Application Delivery Controllers [Resear... - Radware
When it Comes to ADCs, Perception is Not Reality.
The Enterprise Strategy Group and Radware recently conducted a collaborative research project about the current use and future strategies of application delivery controllers (ADCs).
Based on a survey of 243 IT professionals, the research reveals that the role of ADCs has expanded well beyond the historical perception of hardware-based load balancers.
What’s most interesting is that ADCs are becoming a critical component of a defense-in-depth security strategy as enterprises fine-tune security policy and enforcement to align with their sensitive business applications. Organizations are also deploying ADCs as virtual appliances at an increasing rate and taking advantage of ADC functionality from the network through the application layer.
There is a lesson to be learned here: enterprise organizations can get creative with ADC deployments for performance tuning, application-specific services, and critical system protection. Read this research http://www.radware.com/social/esg-adc-research/ to understand the benefits of applying ADCs in this fashion.
The Art of Cyber War [From Black Hat Brazil 2014] - Radware
With cyber-attacks becoming a growing concern for organizations, availability-based attacks, also known as Denial of Service or Distributed Denial of Service attacks, have long moved from a form of cyber protest to a destructive weapon that is used by cyber criminals, hacktivists and even governments.
In 2013 we saw a growing use of a new type of attack where attackers used legitimate transactions to saturate application servers’ resources. In this presentation, Security Expert Werner Thalmeier demonstrates how such an advanced attack can be created from a laptop running in an anonymous public WiFi network. He also evaluates the attack landscape and its impact on organizations as well as shares the best practices to protect against such cyber-attacks.
Understand the current availability-based threat landscape and learn about new types of cyber-attacks that are being used to saturate resources. For more information on the state of Application and Network Security, please visit: http://www.radware.com/ert-report-2013/
Eventually, every website fails. If it's a household-name site like Amazon, then news of that failure gets around faster than a rocket full of monkeys. That's because downtime hurts. As a for-instance, in 2013 Amazon suffered a 40-minute outage that allegedly cost the company $5 million in lost sales. That's a big number, and everybody loves big numbers.
But when it comes to performance-related losses, is it the biggest number?
In this presentation from the CMG Performance and Capacity 2014 conference, Radware Web Performance Expert Tammy Everts reviews real-world examples that compare the cost of site slowdowns versus outages. We also talk about how to overcome the challenges of creating as much urgency around the topic of slow time as there is around the topic of downtime.
The Cyber Attack landscape is evolving with new attack vectors and dangerous trends that can affect the security of your business. Some attacks can take only minutes to complete, yet months to be discovered.
Determine your attack risk and learn what to look for in a quality cyber attack defense.
Please visit here: http://www.radware.com/social/amn/ for information on Radware's AMN (Attack Mitigation Network).
The document summarizes the Shellshock vulnerabilities (CVE-2014-6271, CVE-2014-7169) that affect Bash and allow remote code execution. It provides background on the vulnerabilities, risk level, mitigation options including IPS signatures, and recommendations to patch vulnerable systems. Contact information is also included.
The Art of Cyber War: Cyber Security Strategies in a Rapidly Evolving Theatre - Radware
Is the world in the midst of a cyber-war? If so, what are the implications?
In this presentation Carl Herberger, Radware's VP of Security Solutions, explores some of the most notable recent cyber-attacks and how many of the findings correlate with the tenets of warfare as defined in The Art of War by Sun Tzu, the ancient military general, strategist and tactician.
How should organizations be preparing for an information security landscape that is shaped by ideologically motivated cyber warfare rather than just opportunistic cyber-crime? Learn the techniques being employed to safeguard IT operations in a theatre that is witnessing ever more sophisticated attacks.
For more on how to help detect, mitigate and win this cyber war battle, visit here: http://www.radware.com/ert-report-2013/ to download the 2013 Global Application and Network Security Report.
Mobile Web Stress: Understanding the Neurological Impact of Poor Performance - Radware
Slow pages hurt mobile user metrics, from bounce rate to online revenues and long-term user retention. At Radware, we wanted to understand the science behind this, so we engaged in the first documented study of the neurological impact of poor performance on mobile users. Your takeaway from this presentation is hard data that you can use to make a case for investing in mobile performance in your organization.
Based on similar research performed on desktop users, our study involved using a groundbreaking combination of eyetracking and electroencephalography (EEG) technologies to monitor brain wave activity in a group of mobile users who were asked to perform a series of online transactions via mobile devices.
In our study, participants were asked to complete standardized shopping tasks on four ecommerce sites while using a smartphone. We studied participants during these tasks, both at the normal speed over Wifi and also at a consistently slowed-down speed (using software that allowed us to create a 500ms network delay). The participants did not know that speed was a factor in the tests; rather, they believed that they were participating in a generic usability/brand perception study. From the data, we were able to extract measures of frustration and emotional engagement for the browsing and checkout stages of both the normal and slowed-down versions of all four sites.
This presentation, shared by Radware Web Performance Evangelist Tammy Everts at the 2014 Velocity Conference and the CMG Performance and Capacity 2014 Conference, provides a deeper understanding of the impact of performance on mobile users.
For even more on the research, you can also download it here: http://www.radware.com/mobile-eeg2013/
This is your brain.
This is your brain on a mobile site with throughput throttled just enough to frustrate the heck out of you.
This is your brain thinking about all the tests you could run if you had your own lightweight, wireless EEG braincap to directly but passively monitor brain activity in your customers as they interact with your digital assets.
From the eMetrics Conference in Chicago, Radware Evangelist Tammy Everts describes a mobile web stress test conducted to gauge the impact of network speed on emotional engagement and brand perception. Neural marketing has escaped the lab and has found its way into practical applications. For even more on the web stress tests, please visit: http://www.radware.com/mobile-eeg2013/
InfoSecurity Europe 2014: The Art Of Cyber War - Radware
With cyber-attacks becoming a growing concern for organizations, availability-based attacks, also known as Denial of Service or Distributed Denial of Service attacks, have long moved from a form of cyber protest to a destructive weapon that is used by cyber criminals, hacktivists and even governments.
In 2013 we saw a growing use of a new type of attack where attackers used legitimate transactions to saturate application servers’ resources. In this presentation, Security Expert Werner Thalmeier demonstrates how such an advanced attack can be created from a laptop running in an anonymous public WiFi network. He also evaluates the attack landscape and its impact on organizations as well as shares the best practices to protect against such cyber-attacks.
Understand the current availability-based threat landscape and learn about new types of cyber-attacks that are being used to saturate resources. For more information on the state of Application and Network Security, please visit: http://www.radware.com/ert-report-2013/
OpenStack Networking: Developing and Delivering a Commercial Solution for Lo... - Radware
Why would you want to have an open source driver?
Samuel Bercovici, Radware's Director of Automation & Cloud Integration, answers this and offers an introduction to Drivers in Havana in this presentation from his recent appearance at OpenStack Israel.
Read more in our Press Release: http://www.radware.com/NewsEvents/PressReleases/Radware-Alteon-Provides-Load-Balancing-for-OpenStack-Cloud-Applications/
SecureWorld St. Louis: Survival in an Evolving Threat Landscape - Radware
David Hobbs’ presentation from SecureWorld Expo - St. Louis discusses availability-based threats; attacks on U.S. banks and other popular attack patterns & trends.
In the Line of Fire - The Morphology of Cyber-Attacks - Radware
Presentation from Dennis Usle during TakeDownCon in Huntsville, AL that discusses availability-based threats; attacks on U.S. banks and other popular attack patterns & trends.
The document discusses a presentation given at Black Hat 2013 about bypassing DDoS mitigation techniques. It describes a new tool called "Kill'em All 1.0" that is designed to generate realistic human-like traffic to circumvent detection. The tool supports features like authentication bypass, HTTP headers, JavaScript execution, and captcha solving. It was allegedly tested successfully against major CDNs. The presenters concluded that current DDoS defenses are becoming less effective and attacks are becoming more sophisticated.
In the Line of Fire-the Morphology of Cyber Attacks - Radware
Dennis Ulse's Presentation from SecureWorld Expo Atlanta that discusses Availability-based threats; Attacks on U.S. banks and other popular attack patterns and trends.
3. Cyber Security Study
• A research study by Ponemon & Radware
• Surveyed 700 IT & IT Security Practitioners
• Non Radware customers
• Release date: November 12th 2012
4. Cyber Security Business Priorities
Ranking of cyber security objectives in terms of a business priority objective
5 = Highest Priority to 1 = Lowest Priority
[Bar chart: priority score (0 to 5) for Interoperability, Confidentiality, Integrity, Compliance and Availability; data labels 4.7, 4.4, 3.5, 2.8 and 1.9, bar order not preserved]
5. DDoS Attacks Frequency
How many DDoS attacks experienced in the past 12 months?
65% of organizations had an average of 3 DDoS attacks in the past 12 months
6. Average downtime during one DDoS attack
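54 minutes: average downtime during one DDoS attack
[Bar chart: share of respondents by downtime per attack; axis labels run from "Less than 1 minute" through "11 to 20 minutes", "31 to 60 minutes" and "3 to 5 hours" to "Cannot determine"; data labels 22%, 16%, 13%, 10%, 11%, 9%, 10%, 5% and 4%, bar order not preserved]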
7. Cost of Downtime
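Cost per minute of downtime
$22,000: Average cost per minute of downtime
$3,000,000: Average annual Cost of DDoS Attacks
[Bar chart: share of respondents by cost per minute of downtime; data labels 21%, 12%, 15%, 15%, 11%, 8%, 7%, 1%, 5% and 5%, bar order and category labels not preserved]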
11. Organizations Bring a Knife to a Gunfight
• “Someone who brings a knife to a gun fight”
– Is someone who does prepare himself for the fight, but does not understand its true nature
• Organizations today are like that
– They do invest before the attack starts, and conduct excellent forensics after it is over,
– however, they have one critical blind-spot – they don't have the capabilities or resources to sustain a long, complicated attack campaign.
• Attackers target this blind spot!
12. Attacked in 2012
They had the budget
They made the investment
And yet they went offline
13. Organizations Deploy Two-phase Security Approach
Industry Security Survey
How much did your organization invest in each of the following security aspects in the last year?
[Bar chart: investment (0% to 45%) in Procedures, Human skills and Equipment across the Before, During and After phases of an attack]
Only 21% of company efforts are invested during the attack itself, while 79% is spent during the pre-attack and post-attack phase.
15. Attacks last longer
[Bar chart: attack duration (1-2 days, Half a week, 1 week), 2011 vs. 2012]
Attacks last longer: The number of DoS attacks lasting over a week had doubled in 2012
16. And become more complex
ERT Cases – Attack Vectors
[Bar chart: attacks by complexity level (5-6, 7-8, 9-10), 2011 vs. 2012]
Attacks are more complex: 2012 DoS/DDoS attacks have become more sophisticated, using more complex attack vectors. Note the number of attacks using a complexity level of 7-10.
17. Content Delivery Network (CDN)
Do you consider Content Delivery Networks (CDNs) a solution for a DoS/DDoS attack?
• Yes: 70%
• No: 30%
70% of the companies who use CDN believe the CDN is a solution for DoS/DDoS attacks.
18. Attacks Evade CDN service
• In recent cyber attacks the CDN was easily bypassed
– By changing the page request in every Web transaction
• These random request techniques force CDNs to "raise the curtain"
– All the attack traffic is disembarked directly to the customer premise
– More complex to mitigate attacks masked by CDN
[Diagram: Botnet sends GET www.example.com/?[Random] through the CDN service and the Internet to the Backend Webserver; legitimate users' GET www.example.com requests are refused]
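The random-request technique on slide 18 shows up at the origin as one path receiving almost entirely unique query strings. The sketch below is an added example, not part of the Radware deck: it flags such paths in a constructed request list and shows how a cache key restricted to an assumed allow-list of parameters (`id`, `q`) collapses the flood back into one cacheable object. Function names, thresholds and the sample traffic are assumptions.

```python
from collections import defaultdict
from urllib.parse import urlsplit, parse_qsl, urlencode

# Query parameters the application actually reads (assumed for this example).
ALLOWED_PARAMS = {"id", "q"}

def cache_key(url, allowed=ALLOWED_PARAMS):
    """Build a cache key that ignores query parameters the application never reads."""
    parts = urlsplit(url)
    kept = sorted((k, v) for k, v in parse_qsl(parts.query, keep_blank_values=True)
                  if k in allowed)
    return parts.path + ("?" + urlencode(kept) if kept else "")

def flag_cache_busting(urls, min_requests=20, unique_ratio=0.9):
    """Return paths where nearly every request carries a distinct query string."""
    total = defaultdict(int)
    queries = defaultdict(set)
    for url in urls:
        parts = urlsplit(url)
        total[parts.path] += 1
        queries[parts.path].add(parts.query)
    return sorted(p for p, n in total.items()
                  if n >= min_requests and len(queries[p]) / n >= unique_ratio)

def origin_fetches(urls, key=lambda u: u):
    """Cache misses for an idealised cache: one origin fetch per distinct key."""
    return len({key(u) for u in urls})

# Constructed sample: 40 flood requests of the form /?<token>, plus ordinary traffic.
FLOOD = [f"/?{i * 7919 % 100003:05x}" for i in range(1, 41)]
NORMAL = ["/product?id=7"] * 25 + ["/search?q=shoes"] * 10 + ["/"] * 3
SAMPLE = FLOOD + NORMAL

if __name__ == "__main__":
    print("flagged paths:", flag_cache_busting(SAMPLE))
    print("origin fetches, raw URL as key:", origin_fetches(SAMPLE))
    print("origin fetches, normalised key:", origin_fetches(SAMPLE, cache_key))
```

Normalising the key keeps the origin shielded, but the requests still arrive at the CDN edge, so flagged paths remain candidates for rate limiting there.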
19. Attackers are well prepared
• By definition the defenders lose the battle
• Equilibrium has been disrupted
20. The good news (1)
Industry Security Survey
How likely is it that your organization will be attacked by cyber warfare?
• Very likely: 10%
• Likely: 8%
• Possible: 37%
• Unlikely: 45%
Organizations start understanding the risk of DDoS
Over half of the organizations believe their organization is likely to be attacked by cyber warfare.
21. The good news (2)
Industry Security Survey
Which solutions do you use against DoS attacks?
[Bar chart: solutions used against DoS attacks, 2011 vs. 2012]
Organizations start understanding Firewall and IPS cannot fight DDoS attacks
22. Conclusions
• Today's attacks are different
– Carefully planned
– Last days or weeks
– Switching between attack vectors
• Organizations are ready to fight yesterday's attacks
– Deploy security solutions that can absorb the first strike
– But when attacks prolong, they have very limited gunfire
– By the time they succeed blocking the first two attack vectors, attackers switch to a third, more powerful one
23. A different approach is needed
• A team of security experts
– Acquire capabilities to sustain long attacks
– Train a team that is ready to respond to persistent attacks
– Deploy the most up-to-date methodologies and tools
– 24 x 7 availability to respond to attacks
– Deploy counterattack techniques to cripple an attack
26. US Banks Under Attack: Operation Ababil
• Publication of the 'Innocence of Muslim' film on YouTube invokes demonstrations throughout the Muslim world
• September 18th: 'Cyber Fighters of Izz ad-din Al Qassam' announced an upcoming cyber attack campaign against 'American and Zionist' targets.
27. Attack Summary
• Attack targets
– Bank of America
– New York Stock Exchange (NYSE)
– Chase
– Wells Fargo
• Attacks lasted Sep 18-21, 2012
• Multiple attacks' waves on each target, each wave lasted 4 to 9 hours
• Victims suffered from temporary outages and network slowness
• ERT was actively involved in protecting the attacked organizations
28. Why it was so challenging?
Multi-vulnerability attack campaign
• Mitigation nearly impossible
• Attackers look for the blind spot
[Diagram: attack vectors aimed at the Business: UDP Garbage flood on ports 80 and 443, Large volume SYN flood, SSL Client Hello flood, HTTP flood attack]
29. Recent updates
• HTTP flood was carried from compromised hosting servers
– Highly distributed attacks
31. ERT recommendations for 2013
• Acquire capabilities to sustain a long sophisticated cyber attack
• Attack tools are known. Test yourself
• Carefully plan the position of DoS/DDoS mitigation within network architecture
– On premise capabilities
– In the cloud capabilities
I would like to share with you the results of a very interesting survey that we did last month. The research was conducted by Ponemon and included 700 IT & IT security staff that are not Radware customers. The survey is going to be released next week and today we can have a first look into some of its highlights.
Availability is the top business priority for organizations today… that has been changed over the last couple of years.
We didn’t do this survey in the past, but we know that 2 years ago we had to explain the threat more. Today it’s changed.
What happens after the Backend server crashes depends on the type of CDN service provided, two options here:
1. Static content still provided by CDN, dynamic content unavailable
2. Service is not provided at all when backend server is not responsive