Phil Williams, Principal Cloud Solutions Architect, explains how to evaluate your exposure to DDoS attack and how to best shape your defenses to budget requirements.
In this presentation, we cover advanced mitigation techniques used by Behemoth 2 – our latest mitigation platform – as well as real-life examples of different DDoS attack vectors and traffic samples. Plus, learn how we utilize a network of 4.7 Tbps to handle complex high throughput attacks and get a heads up on the latest trends we’re seeing in DDoS attacks.
Preparing for the Imminent Terabit DDoS AttackImperva
With the rapid growth of volumetric DDoS threats, even the largest networks, equipped with carrier grade hardware and with huge amounts of bandwidth at their disposal, are at risk of being taken down by a large DDoS attack.
Volumetric DDoS threats are leading many financial institutions, service providers, and other large organizations on a search for solutions that can scale DDoS protection beyond their existing network capabilities, and into the Terabit level. Learn:
- Expected trends in the evolving DDoS landscape over the next 12-36 months
- Important considerations when selecting your DDoS protection technology
- How to prepare your organization to detect and respond to a DDoS attack
DDoS Mitigation on the Front Line with RedShieldSam Pickles
Denial of Service attacks are increasingly targeting applications, masking attack traffic as legitimate HTTP, and using SSL encryption to avoid detection.
In this presentation Aura Information Security CTO Sam Pickles discusses lessons learnt in delivering RedShield, Aura's managed web shielding service; including attack trends and types, mitigation of next generation DDoS attacks, the use and automation of the F5 DDoS reference architecture.
CloudFlare DDoS attacks 101: what are they and how to protect your site?Cloudflare
Distributed denial of service (DDoS) attacks have scaled up in size and frequency over the past year. Attackers constantly adopt new methods to flood your website and network with malicious traffic. What exactly are DDoS attacks and how do they work? More importantly, how can you ensure that your website stays protected. CloudFlare solutions engineer Trey Guinn discusses the nature of DDoS attacks, with a focus on amplification attacks. He explains how CloudFlare is able to stop such attacks and also what can you do to ensure you are not part of the problem by running open NTP servers or DNS resolvers.
DDoS attacks make headlines every day, but how do they work, and how can you defend against them? DDoS attacks can be high volume UDP traffic floods, SYN floods, NTP amplification, or Layer 7 HTTP attacks, amongst others. Understanding how to protect yourself from DDoS is critical to doing business on the internet today. This talk will cover how these attacks work, what is being targeted by the attackers, and how you can protect against the different attack types.
In this presentation, we cover advanced mitigation techniques used by Behemoth 2 – our latest mitigation platform – as well as real-life examples of different DDoS attack vectors and traffic samples. Plus, learn how we utilize a network of 4.7 Tbps to handle complex high throughput attacks and get a heads up on the latest trends we’re seeing in DDoS attacks.
Preparing for the Imminent Terabit DDoS AttackImperva
With the rapid growth of volumetric DDoS threats, even the largest networks, equipped with carrier grade hardware and with huge amounts of bandwidth at their disposal, are at risk of being taken down by a large DDoS attack.
Volumetric DDoS threats are leading many financial institutions, service providers, and other large organizations on a search for solutions that can scale DDoS protection beyond their existing network capabilities, and into the Terabit level. Learn:
- Expected trends in the evolving DDoS landscape over the next 12-36 months
- Important considerations when selecting your DDoS protection technology
- How to prepare your organization to detect and respond to a DDoS attack
DDoS Mitigation on the Front Line with RedShieldSam Pickles
Denial of Service attacks are increasingly targeting applications, masking attack traffic as legitimate HTTP, and using SSL encryption to avoid detection.
In this presentation Aura Information Security CTO Sam Pickles discusses lessons learnt in delivering RedShield, Aura's managed web shielding service; including attack trends and types, mitigation of next generation DDoS attacks, the use and automation of the F5 DDoS reference architecture.
CloudFlare DDoS attacks 101: what are they and how to protect your site?Cloudflare
Distributed denial of service (DDoS) attacks have scaled up in size and frequency over the past year. Attackers constantly adopt new methods to flood your website and network with malicious traffic. What exactly are DDoS attacks and how do they work? More importantly, how can you ensure that your website stays protected. CloudFlare solutions engineer Trey Guinn discusses the nature of DDoS attacks, with a focus on amplification attacks. He explains how CloudFlare is able to stop such attacks and also what can you do to ensure you are not part of the problem by running open NTP servers or DNS resolvers.
DDoS attacks make headlines every day, but how do they work, and how can you defend against them? DDoS attacks can be high volume UDP traffic floods, SYN floods, NTP amplification, or Layer 7 HTTP attacks, amongst others. Understanding how to protect yourself from DDoS is critical to doing business on the internet today. This talk will cover how these attacks work, what is being targeted by the attackers, and how you can protect against the different attack types.
Bigger and more sophisticated distributed denial of service (DDoS) attacks are targeting the Internet’s Domain Name System (DNS) causing significant downtime to websites and application. Amazon Route 53, the AWS DNS service, integrates tightly with AWS Shield, the AWS service that provides managed DDoS protection, to safeguard your web applications and protect against large scale attacks. Techniques Amazon Route 53 employs to thwart DDoS attacks including Anycast Striping, Shuffle Sharding and a global network of 56 points of presence. Mitigation strategies AWS Shield provides including inline mitigations, visibility and cost protection.
Learning Objectives:
• Learn how Amazon Route 53 scales against DDoS attacks
• Learn about the advanced features like Anycast Striping and traffic shaping mitigates DDoS risks
• Learn how always-on inline mitigation techniques protects against advanced attacks
• Learn how AWS Shield integrates with Amazon Route53 to monitor traffic signatures and undertakes deterministic packet filtering to minimize application downtime
• Learn why customers should use Amazon Route 53 and AWS Shield to protect against DNS DDoS attacks
Are Your Containers as Secure as You Think?DevOps.com
With the growing popularity of Container technology comes the growth of container-based attacks – but understanding your security needs will keep you ahead of the game.
Container adoption is skyrocketing, growing 40% in the last year. And it makes sense – the agility, operational efficiencies and cost savings of containerized environments are huge benefits. But as more organizations rush to leverage containers, security is increasingly becoming a major concern and is the top roadblock to container deployment. What do you need to know (and do) to keep your container environments safe?
Cloudflare protects and accelerates any web property online. We stop hackers from reaching your web property and knocking it offline. In addition, we help your site visitors access your content as fast as possible no matter their location. Join us as we discuss evolving DDoS attack types and trends to be aware about in 2018.
Why Many Websites are still Insecure (and How to Fix Them)Cloudflare
The latest version of the transport layer security (TLS) protocol was launched at the end of 2017, and version 1.3 proposes the largest change with improvements to performance and security. However, there has not been widespread adoption of this protocol which leaves many users exposed to data and privacy breaches. In this webinar, we will look at the new developments in TLS and SSL, why the internet needs better security and the technical challenges of good encryption.
Argo is a new Cloudflare feature that allows for a faster, more reliable, more secure Internet for everyone. Cloudflare has launched Argo, a “virtual backbone” for the modern Internet. Argo analyzes and optimizes routing decisions across the global Internet in real-time. Think Waze, the automobile route optimization app, but for Internet traffic.
This is an introductory guide of how to get set up and monitor the benefits of Argo.
Please do note that Argo is an add-on feature.
Cloudflare’s SSL for SaaS offering provides SaaS providers the opportunity to extend the security, performance, and encryption benefits of Cloudflare’s network to their end customers. This includes management of the entire SSL certificate lifecycle for custom vanity domains.
View the slides to learn:
-The performance, security, and encryption benefits of Cloudflare for SaaS providers and their end customers.
-How SSL for SaaS manages the entire SSL certificate lifecycle for SaaS providers and their end customers, from purchase to renewal.
-The hurdles of building and managing an in-house SSL solution for custom domains.
-How SSL for SaaS seamlessly delivers encryption to custom domains.
Running a Robust DNS Infrastructure with CloudFlare Virtual DNSCloudflare
CloudFlare is excited to announce the release of Virtual DNS. Virtual DNS protects and accelerates any organization’s DNS infrastructure through robust DDoS mitigation, lightning-fast DNS lookups, and caching at 31 locations around the globe.
65% Performance Gains at Cryptocurrency Platform CoinGecko: An Argo Smart Rou...Cloudflare
Join Cloudflare and CoinGecko, a Singapore-based cryptocurrency ranking chart platform that serves over 100 million pages views per month, for an educational webinar. Learn about the steps CoinGecko took to improve the user experience of its cryptocurrency platform, and how Cloudflare’s Argo Smart Routing routed over 1.2 billion website requests per month to improve performance on average by 65%, while using caching to save CoinGecko up to 88% on bandwidth.
Orchestrated - multi tenant architecture at scale with serverlessmartinfoster
Presented at AWS User's Group Melbourne, 25 July 2018
Follow our journey to building a SaaS product on AWS using serverless technologies to get the isolation benefits of single-tenant design, with the operational cost benefits of multi-tenant platforms.
We cover business problem, solution evolution from prototype to prod, automation and security concerns.
Distributed Denial of Service (DDoS) attackers use a variety of techniques to consume network or other resources, interrupting access for legitimate users Customers can adopt practices to reduce the impact of these attacks, including minimizing the attack surface area, safeguarding exposed resources and creating a plan for when attacks occur. This webinar will outline how to use AWS services like Elastic Load Balancing (ELB), Auto Scaling, Amazon CloudFront and Amazon Route53 to improve resiliency when attacks occur.
Learning Objectives:
• Learn techniques that can help maintain availability in the face of DDoS attacks
• Understand how AWS services can work together to increase resiliency
Who Should Attend:
• Systems Architects, Network Engineers, Web Developers
DDoS attacks make headlines everyday, but how do they work and how can you defend against them? DDoS attacks can be high volume UDP traffic floods, SYN floods, DNS amplification, or Layer 7 HTTP attacks. Understanding how to protect yourself from DDoS is critical to doing business on the internet today. Suzanne Aldrich, a lead Solutions Engineer at Cloudflare, will cover how these attacks work, what is being targeted by the attackers, and how you can protect against the different attack types. She will cap the session with the rise in IoT attacks, and expectations for the future of web security.
This presentation discusses the various types of distributed denial of service attacks launched worldwide by botnets in 2014. From DNS to Layer7 attacks, this deck provides an expert analysis of botnet breakdowns by-the-numbers including where the majority of botnets came from regionally, what attack trends were most popular, and when these attacks occurred.
Unexpected Impacts of DDoS Attacks and How to Stop ThemCaitlin Magat
With the launch of Cloudflare Rate Limiting, web security expert Troy Hunt, Microsoft Regional Director and Founder of HaveIBeenPwned.com, joins Cloudflare in this security webinar.
Webinar topics include evolving global DDoS attack trends, how Have I Been Pwned prevents excessive API requests using DDoS Protection and Rate Limiting, and a quick how-to on enabling Rate limiting in the Cloudflare dashboard.
Beyond takeover: stories from a hacked accountImperva
In this presentation, Imperva researchers explore the dynamics of credential theft. The team reversed a phishing hook to hack and track phishers using the same methods that phishers use on their victims. The presentation explores questions such as how long it takes from takeover to exploitation, what the attacker looks for in the hacked account, which decoys attract their attention, and what security practices they use to cover their tracks. Check out the slides and read the report to learn about real-world takeover stories and best practices for breach detection and remediation to protect your data. Read the full report: https://www.imperva.com/DefenseCenter/HackerIntelligenceReports
An Inside Look at a Sophisticated Multi-Vector DDoS AttackImperva Incapsula
By Nabeel Saeed
This presentation explores the current DDoS attack landscape, it covers the basics of DDoS attacks, current trends including the most recent results from the newly published 2015 Imperva Incapsula DDoS Report. It also discusses a detailed analysis of one of today’s modern, multi-vector DDoS attacks. While dissecting this DDoS attack, this presentation explores the anatomy and timeline of the attack, as well as the steps used to mitigate each phase of the assault. This session will close with a review of the aspects of effective DDoS protection solutions used to combat these sophisticated denial of service attacks.
Bigger and more sophisticated distributed denial of service (DDoS) attacks are targeting the Internet’s Domain Name System (DNS) causing significant downtime to websites and application. Amazon Route 53, the AWS DNS service, integrates tightly with AWS Shield, the AWS service that provides managed DDoS protection, to safeguard your web applications and protect against large scale attacks. Techniques Amazon Route 53 employs to thwart DDoS attacks including Anycast Striping, Shuffle Sharding and a global network of 56 points of presence. Mitigation strategies AWS Shield provides including inline mitigations, visibility and cost protection.
Learning Objectives:
• Learn how Amazon Route 53 scales against DDoS attacks
• Learn about the advanced features like Anycast Striping and traffic shaping mitigates DDoS risks
• Learn how always-on inline mitigation techniques protects against advanced attacks
• Learn how AWS Shield integrates with Amazon Route53 to monitor traffic signatures and undertakes deterministic packet filtering to minimize application downtime
• Learn why customers should use Amazon Route 53 and AWS Shield to protect against DNS DDoS attacks
Are Your Containers as Secure as You Think?DevOps.com
With the growing popularity of Container technology comes the growth of container-based attacks – but understanding your security needs will keep you ahead of the game.
Container adoption is skyrocketing, growing 40% in the last year. And it makes sense – the agility, operational efficiencies and cost savings of containerized environments are huge benefits. But as more organizations rush to leverage containers, security is increasingly becoming a major concern and is the top roadblock to container deployment. What do you need to know (and do) to keep your container environments safe?
Cloudflare protects and accelerates any web property online. We stop hackers from reaching your web property and knocking it offline. In addition, we help your site visitors access your content as fast as possible no matter their location. Join us as we discuss evolving DDoS attack types and trends to be aware about in 2018.
Why Many Websites are still Insecure (and How to Fix Them)Cloudflare
The latest version of the transport layer security (TLS) protocol was launched at the end of 2017, and version 1.3 proposes the largest change with improvements to performance and security. However, there has not been widespread adoption of this protocol which leaves many users exposed to data and privacy breaches. In this webinar, we will look at the new developments in TLS and SSL, why the internet needs better security and the technical challenges of good encryption.
Argo is a new Cloudflare feature that allows for a faster, more reliable, more secure Internet for everyone. Cloudflare has launched Argo, a “virtual backbone” for the modern Internet. Argo analyzes and optimizes routing decisions across the global Internet in real-time. Think Waze, the automobile route optimization app, but for Internet traffic.
This is an introductory guide of how to get set up and monitor the benefits of Argo.
Please do note that Argo is an add-on feature.
Cloudflare’s SSL for SaaS offering provides SaaS providers the opportunity to extend the security, performance, and encryption benefits of Cloudflare’s network to their end customers. This includes management of the entire SSL certificate lifecycle for custom vanity domains.
View the slides to learn:
-The performance, security, and encryption benefits of Cloudflare for SaaS providers and their end customers.
-How SSL for SaaS manages the entire SSL certificate lifecycle for SaaS providers and their end customers, from purchase to renewal.
-The hurdles of building and managing an in-house SSL solution for custom domains.
-How SSL for SaaS seamlessly delivers encryption to custom domains.
Running a Robust DNS Infrastructure with CloudFlare Virtual DNSCloudflare
CloudFlare is excited to announce the release of Virtual DNS. Virtual DNS protects and accelerates any organization’s DNS infrastructure through robust DDoS mitigation, lightning-fast DNS lookups, and caching at 31 locations around the globe.
65% Performance Gains at Cryptocurrency Platform CoinGecko: An Argo Smart Rou...Cloudflare
Join Cloudflare and CoinGecko, a Singapore-based cryptocurrency ranking chart platform that serves over 100 million pages views per month, for an educational webinar. Learn about the steps CoinGecko took to improve the user experience of its cryptocurrency platform, and how Cloudflare’s Argo Smart Routing routed over 1.2 billion website requests per month to improve performance on average by 65%, while using caching to save CoinGecko up to 88% on bandwidth.
Orchestrated - multi tenant architecture at scale with serverlessmartinfoster
Presented at AWS User's Group Melbourne, 25 July 2018
Follow our journey to building a SaaS product on AWS using serverless technologies to get the isolation benefits of single-tenant design, with the operational cost benefits of multi-tenant platforms.
We cover business problem, solution evolution from prototype to prod, automation and security concerns.
Distributed Denial of Service (DDoS) attackers use a variety of techniques to consume network or other resources, interrupting access for legitimate users Customers can adopt practices to reduce the impact of these attacks, including minimizing the attack surface area, safeguarding exposed resources and creating a plan for when attacks occur. This webinar will outline how to use AWS services like Elastic Load Balancing (ELB), Auto Scaling, Amazon CloudFront and Amazon Route53 to improve resiliency when attacks occur.
Learning Objectives:
• Learn techniques that can help maintain availability in the face of DDoS attacks
• Understand how AWS services can work together to increase resiliency
Who Should Attend:
• Systems Architects, Network Engineers, Web Developers
DDoS attacks make headlines everyday, but how do they work and how can you defend against them? DDoS attacks can be high volume UDP traffic floods, SYN floods, DNS amplification, or Layer 7 HTTP attacks. Understanding how to protect yourself from DDoS is critical to doing business on the internet today. Suzanne Aldrich, a lead Solutions Engineer at Cloudflare, will cover how these attacks work, what is being targeted by the attackers, and how you can protect against the different attack types. She will cap the session with the rise in IoT attacks, and expectations for the future of web security.
This presentation discusses the various types of distributed denial of service attacks launched worldwide by botnets in 2014. From DNS to Layer7 attacks, this deck provides an expert analysis of botnet breakdowns by-the-numbers including where the majority of botnets came from regionally, what attack trends were most popular, and when these attacks occurred.
Unexpected Impacts of DDoS Attacks and How to Stop ThemCaitlin Magat
With the launch of Cloudflare Rate Limiting, web security expert Troy Hunt, Microsoft Regional Director and Founder of HaveIBeenPwned.com, joins Cloudflare in this security webinar.
Webinar topics include evolving global DDoS attack trends, how Have I Been Pwned prevents excessive API requests using DDoS Protection and Rate Limiting, and a quick how-to on enabling Rate limiting in the Cloudflare dashboard.
Beyond takeover: stories from a hacked accountImperva
In this presentation, Imperva researchers explore the dynamics of credential theft. The team reversed a phishing hook to hack and track phishers using the same methods that phishers use on their victims. The presentation explores questions such as how long it takes from takeover to exploitation, what the attacker looks for in the hacked account, which decoys attract their attention, and what security practices they use to cover their tracks. Check out the slides and read the report to learn about real-world takeover stories and best practices for breach detection and remediation to protect your data. Read the full report: https://www.imperva.com/DefenseCenter/HackerIntelligenceReports
An Inside Look at a Sophisticated Multi-Vector DDoS AttackImperva Incapsula
By Nabeel Saeed
This presentation explores the current DDoS attack landscape, it covers the basics of DDoS attacks, current trends including the most recent results from the newly published 2015 Imperva Incapsula DDoS Report. It also discusses a detailed analysis of one of today’s modern, multi-vector DDoS attacks. While dissecting this DDoS attack, this presentation explores the anatomy and timeline of the attack, as well as the steps used to mitigate each phase of the assault. This session will close with a review of the aspects of effective DDoS protection solutions used to combat these sophisticated denial of service attacks.
An Inside Look at a Sophisticated, Multi-vector DDoS AttackImperva
This presentation explores the current DDoS attack landscape, it covers the basics of DDoS attacks, current trends including the most recent results from the newly published 2015 Imperva Incapsula DDoS Report. It also discusses a detailed analysis of one of today’s modern, multi-vector DDoS attacks. While dissecting this DDoS attack, this presentation explores the anatomy and timeline of the attack, as well as the steps used to mitigate each phase of the assault. This session will close with a review of the aspects of effective DDoS protection solutions used to combat these sophisticated denial of service attacks.
HITCON 2017: Building a Public RPZ Service to Protect the World's ConsumersJohn Bambenek
While we have many products and tools to protect enterprises and government networks, we are not using those same tools to protect consumers who cannot afford products and services by security companies. This talk will focus on the building of a RPZ service that can use already existing threat intelligence feeds that are freely accessible to protect consumers against threats we already know about.
Every IR presents unique challenges. But - when an attacker uses PowerShell, WMI, Kerberos attacks, novel persistence mechanisms, seemingly unlimited C2 infrastructure and half-a-dozen rapidly-evolving malware families across a 100k node network to compromise the environment at a rate of 10 systems per day - the cumulative challenges can become overwhelming. This talk will showcase the obstacles overcome during one of the largest and most advanced breaches Mandiant has ever responded to, the novel investigative techniques employed, and the lessons learned that allowed us to help remediate it.
Details a massive intrusion by Russian APT29 (AKA CozyDuke, Cozy Bear)
A secure web server isn’t really secure if the infrastructure supporting it remains vulnerable. Unless you implement infrastructure protection, your non-HTTP assets are vulnerable and you may not be as protected as you think you are.
You may be like others who need to get better DDoS protection but haven’t been able to or had to settle for an imperfect solution because of deployment limitations such as protocol dependencies and BGP restrictions. Incapsula IP Protection has now overcome these barriers — and we are the only service that can do it.
At this webinar our product experts will discuss how Incapsula customers are adopting IP Protection and bringing their DDoS protection to the next level. We’ll also have a discussion with Imperva CISO Shahar Ben-Hador who will share insights on how we use IP Protection and real-world lessons learned.
You need to protect more than just your web servers from DDoS attacks. We’ll address these questions:
Why do you need to protect more than just your web servers?
What were the limitations others ran into when they tried to do it?
How did Incapsula help them overcome the limitations?
...and much more!
Research: From zero to phishing in 60 seconds Imperva
Here are the highlights of our research on do-it-yourself kits for phishing attacks, allowing attackers to quickly and elegantly mount a phishing campaign. These slides present examples of phishing kits, reviews their main capabilities, and shows a statistical and clustering analysis of our collection of phishing kits. The main goal of our research is to shed light on the dynamics of phishing and the distribution of phishing kits in the underground community
Ransomware: Why Are Backup Vendors Trying To Scare You?marketingunitrends
Ransomware. The very word strikes fear into the hearts of admins, backup specialists, and security pros. Backup software vendors know if all your data is not protected, there is a good chance that if (when?) ransomware hits, you will most likely lose data. But, what should scare you more is less than half of ransomware victims fully recover their data, even with backup. What can you do to make sure you are not on the wrong side of a statistic?
Threat Hunting - Moving from the ad hoc to the formalPriyanka Aash
In order to effectively defend your organization, you must think about the offensive strategy as well. But before we get ahead of ourselves let’s talk briefly about the building blocks of a good offense. First is an architecture that is built around a security policy that is aligned with the business risk. Risk must be understood and a cookie cutter approach must be avoided here because again every organization is different and so are their risks.
D3SF17- Migrating to the Cloud 5- Years' Worth of Lessons LearnedImperva Incapsula
Moving your critical applications from on-premises servers to the cloud can be a daunting prospect — but it doesn't need to be. Drawing on over 5 years of experience bringing some of the largest CMS sites on the Web into the cloud, Vasken Hauri, VP of Engineering at 10up, covers the key aspects you'll need to consider to ensure a smooth and successful migration. He also touches on some best practices you can apply post-migration to keep your sites secure, performant, and worry-free in an era where our toasters can launch DDoS attacks.
Bay Area Cyber Security Meetup - How To Stay Safe OnlineDavid Dowling
Presentation by David Dowling @David_S_Dowling on practical tips and tactics to secure yourself online. The Presentation covered off items like: how to check if one of your email accounts has been compromised, how to move off a single password or that pesky Excel sheet full of passwords, why 2FA is A-ok, quick an easy ways to reduce spam, simple things to secure your computer and links to interesting security blogs.
Advanced Persistent Threat (APT) is a term given to attacks that specifically and persistently target an entity. The security community views this type of attack as a complex, sophisticated cyber-attack that can last months or even years. However, new research indicates that these attacks are actually being achieved by much simpler methods.
Imperva's Application Defense Center (ADC) has discovered that data breaches commonly associated with APT require only basic technical skills. As a result, security teams need to fundamentally shift their focus from absolute prevention of intrusion to protecting critical data assets once intruders have gained access to their infrastructure.
This presentation will:
- Expose some powerful, yet extremely simple techniques that allow attackers to efficiently expand their reach within an infected organization
- Show how attackers achieve their goals without resorting to zero-day vulnerabilities and sophisticated exploits
- Discuss how organizations can protect themselves against the advance of such attacks
From Mirai to Monero – One Year’s Worth of Honeypot DataDefCamp
Adrian Hada and Mihai Vasilescu in Bucharest, Romania on November 8-9th 2018 at DefCamp #9.
The slides and other presentations can be found on https://def.camp/archive
Learn everything from the Imperva resources you can count on when you need help, to how you can bolster your security and performance by working with the Incapsula support organization.
Get an inside look at Incapsula Security, straight from the Security Research Team. Plus, get your vulnerability management strategy on track by assessing the automated threats you face and learn about the new security features we’re working on to keep you protected.
D3TLV17- The Incapsula WAF: Your Best Line of Denfense Against Application La...Imperva Incapsula
Learn about the most important aspects of a Web Application Firewall your organization needs to have in place to protect against the most critical web application security risks. Plus, see how we’re evolving to ensure you’re protected against new attack campaigns.
Scott Helme, renowned security researcher and international speaker, shares his unique perspective on content security policy and how security has evolved.
D3NY17- Customizing Incapsula to Accommodate Single Sign-OnImperva Incapsula
In this session, learn how the Greek Orthodox Archdiocese of America was able to customize their Incapsula service to accommodate a single sign-on solution.
In this session, learn how The Economist approached migrating to the cloud and moving economist.com from legacy datacenters to Amazon Web Services (AWS).
IncapRules are an integral method to customize Incapsula for your specific applications and environment. However, we find that our enterprise clients may have questions on building advanced rules or need help understanding how to write them for complex scenarios. In this session, Jeff Serota, Technical Account Manager, discusses the interface, some of the most common filters and actions, and how a large client collaborated with our security team to thwart credential stuffing on their client self-service portal.
D3SF17- Using Incap Rules to Customize Your Security and Access ControlImperva Incapsula
IncapRules are an integral method to customize Incapsula for your specific applications and environment. However, we find that our enterprise clients may have questions on building advanced rules or need help understanding how to write them for complex scenarios. In this session, Peter Klimek, Principal Security Engineer, discusses the interface, some of the most common filters and actions, and how a large client collaborated with our security team to thwart credential stuffing on their client self-service portal.
D3SF17- Boost Your Website Performance with Application Delivery RulesImperva Incapsula
Incapsula introduced Application Delivery Rules (ADR) in October of 2016, but many clients have not tapped into their powerful abilities. In this session, Jeff Serota, Technical Account manager, provides an overview of ADR, discusses how they differ from IncapRules, and teaches you how to leverage them in your own Incapsula deployment.
D3SF17- A Single Source of Truth for Security Issues- Pushing Siem Logs to Cl...Imperva Incapsula
It can be challenging for security teams to cut through the clutter of SIEM logs in order to analyze security information and alerts. In this session, Bryan Jones, Senior Security Engineer, walks you through the 5 major configuration steps needed to help you better manage security issues across your entire tech stack.
In this session, David Ting, VP of Engineering at DataVisor, explores the latency challenges associated with a global client base and what can be learned when implementing a performance-improving solution.
Keynote presentation by Dvir Shapira, Director of Product Management. Opening remarks include a look at where we’ve been in terms of the Internet as a whole and Internet security and performance, as well as where we’re going.
E-commerce Optimization: Using Load Balancing and CDN to Improve Website Perf...Imperva Incapsula
As more people shop online, it’s critical that your website meets—and even exceeds—their expectations. Online shoppers want sites that are easy to use and don’t waste their time.
According to a recent Imperva Incapsula survey, more than 60% of users said they wouldn’t wait more than five seconds for a site to load. And almost 70% said that poor website performance would cause them to leave a site and never return.
If you’re serious about reaping the benefits of the significant growth in online shopping, it’s time to get your web “house” in order. And a new free webinar from Imperva can help.
[Webinar] DDoS Pentester Reveals: How Hackers Find Your Website’s Weak Points...Imperva Incapsula
DDoS attacks are bigger and more sophisticated than ever before. Odds are your business is going to be attacked – and without an effective mitigation strategy, you don't stand a chance.
In this webinar Andrew Shoemaker a DDoS simulation expert from NimbusDDOS gives you a rare glimpse into how hackers find the weak points in your defenses and exploit them to level devastating DDoS attacks. You'll see real world examples of the tactics and methods used to create tailored DDoS attacks that can bring down a targeted network or application, and learn how best to defend them.
Migrating from Akamai to Incapsula: What You Need to KnowImperva Incapsula
The webinar gives an overview of and compares the two platforms: Incapsula and Akamai. In addition to the benefits of migrating to Incapsula, it covers planning, transitioning, configuring Incapsula and lessons learned from the field.
Incapsula: How to Increase SaaS Websites’ Uptime and Accelerate PerformanceImperva Incapsula
All too often, online threats such as DDoS attacks, scrapers, or traffic that consumes too much bandwidth are disrupting or slowing down SaaS websites. It is now more important than ever to keep website traffic flowing quickly without service interruptions.
Tempus Technologies’ president, Jason Sweitzer, talks about the technological challenges his company faced and the solutions his team adopted to increase website acceleration and uptime.
Join us for Incapsula’s free 30-minute webinar to learn how you can increase your website’s uptime and enhance its performance. We’ll be discussing opportunities SaaS companies can explore through WAF protection, frontend SSL, failover ISPs, and against DDoS attacks and using Incapsula solutions.
Is the Cloud Going to Kill Traditional Application Delivery?Imperva Incapsula
Application delivery controllers provide load balancing, acceleration, traffic shaping and other services that improve the performance, availability and security of web applications. But with more and more web application developers hosting their applications in the cloud, using application delivery hardware is often a non-starter.
This presentation discusses the architecture of a new type of service called the Application Delivery Cloud. This new cloud service not only offers critical performance, availability and security capabilities to web application vendors, it goes beyond its hardware analog to deliver new capabilities that today’s applications require, including regional content policies and up-to-the-minute security intelligence.
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered QualityInflectra
In this insightful webinar, Inflectra explores how artificial intelligence (AI) is transforming software development and testing. Discover how AI-powered tools are revolutionizing every stage of the software development lifecycle (SDLC), from design and prototyping to testing, deployment, and monitoring.
Learn about:
• The Future of Testing: How AI is shifting testing towards verification, analysis, and higher-level skills, while reducing repetitive tasks.
• Test Automation: How AI-powered test case generation, optimization, and self-healing tests are making testing more efficient and effective.
• Visual Testing: Explore the emerging capabilities of AI in visual testing and how it's set to revolutionize UI verification.
• Inflectra's AI Solutions: See demonstrations of Inflectra's cutting-edge AI tools like the ChatGPT plugin and Azure Open AI platform, designed to streamline your testing process.
Whether you're a developer, tester, or QA professional, this webinar will give you valuable insights into how AI is shaping the future of software delivery.
Key Trends Shaping the Future of Infrastructure.pdfCheryl Hung
Keynote at DIGIT West Expo, Glasgow on 29 May 2024.
Cheryl Hung, ochery.com
Sr Director, Infrastructure Ecosystem, Arm.
The key trends across hardware, cloud and open-source; exploring how these areas are likely to mature and develop over the short and long-term, and then considering how organisations can position themselves to adapt and thrive.
Elevating Tactical DDD Patterns Through Object CalisthenicsDorra BARTAGUIZ
After immersing yourself in the blue book and its red counterpart, attending DDD-focused conferences, and applying tactical patterns, you're left with a crucial question: How do I ensure my design is effective? Tactical patterns within Domain-Driven Design (DDD) serve as guiding principles for creating clear and manageable domain models. However, achieving success with these patterns requires additional guidance. Interestingly, we've observed that a set of constraints initially designed for training purposes remarkably aligns with effective pattern implementation, offering a more ‘mechanical’ approach. Let's explore together how Object Calisthenics can elevate the design of your tactical DDD patterns, offering concrete help for those venturing into DDD for the first time!
Securing your Kubernetes cluster_ a step-by-step guide to success !KatiaHIMEUR1
Today, after several years of existence, an extremely active community and an ultra-dynamic ecosystem, Kubernetes has established itself as the de facto standard in container orchestration. Thanks to a wide range of managed services, it has never been so easy to set up a ready-to-use Kubernetes cluster.
However, this ease of use means that the subject of security in Kubernetes is often left for later, or even neglected. This exposes companies to significant risks.
In this talk, I'll show you step-by-step how to secure your Kubernetes cluster for greater peace of mind and reliability.
State of ICS and IoT Cyber Threat Landscape Report 2024 previewPrayukth K V
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
State of global ICS asset and network exposure
Sectoral targets and attacks as well as the cost of ransom
Global APT activity, AI usage, actor and tactic profiles, and implications
Rise in volumes of AI-powered cyberattacks
Major cyber events in 2024
Malware and malicious payload trends
Cyberattack types and targets
Vulnerability exploit attempts on CVEs
Attacks on counties – USA
Expansion of bot farms – how, where, and why
In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
Why are attacks on smart factories rising?
Cyber risk predictions
Axis of attacks – Europe
Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
Connector Corner: Automate dynamic content and events by pushing a buttonDianaGray10
Here is something new! In our next Connector Corner webinar, we will demonstrate how you can use a single workflow to:
Create a campaign using Mailchimp with merge tags/fields
Send an interactive Slack channel message (using buttons)
Have the message received by managers and peers along with a test email for review
But there’s more:
In a second workflow supporting the same use case, you’ll see:
Your campaign sent to target colleagues for approval
If the “Approve” button is clicked, a Jira/Zendesk ticket is created for the marketing design team
But—if the “Reject” button is pushed, colleagues will be alerted via Slack message
Join us to learn more about this new, human-in-the-loop capability, brought to you by Integration Service connectors.
And...
Speakers:
Akshay Agnihotri, Product Manager
Charlie Greenberg, Host
Accelerate your Kubernetes clusters with Varnish CachingThijs Feryn
A presentation about the usage and availability of Varnish on Kubernetes. This talk explores the capabilities of Varnish caching and shows how to use the Varnish Helm chart to deploy it to Kubernetes.
This presentation was delivered at K8SUG Singapore. See https://feryn.eu/presentations/accelerate-your-kubernetes-clusters-with-varnish-caching-k8sug-singapore-28-2024 for more details.
GraphRAG is All You need? LLM & Knowledge GraphGuy Korland
Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs.
1. Unifying Large Language Models and Knowledge Graphs: A Roadmap.
https://arxiv.org/abs/2306.08302
2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs:
https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/
UiPath Test Automation using UiPath Test Suite series, part 4DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 4. In this session, we will cover Test Manager overview along with SAP heatmap.
The UiPath Test Manager overview with SAP heatmap webinar offers a concise yet comprehensive exploration of the role of a Test Manager within SAP environments, coupled with the utilization of heatmaps for effective testing strategies.
Participants will gain insights into the responsibilities, challenges, and best practices associated with test management in SAP projects. Additionally, the webinar delves into the significance of heatmaps as a visual aid for identifying testing priorities, areas of risk, and resource allocation within SAP landscapes. Through this session, attendees can expect to enhance their understanding of test management principles while learning practical approaches to optimize testing processes in SAP environments using heatmap visualization techniques
What will you get from this session?
1. Insights into SAP testing best practices
2. Heatmap utilization for testing
3. Optimization of testing processes
4. Demo
Topics covered:
Execution from the test manager
Orchestrator execution result
Defect reporting
SAP heatmap example with demo
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Ramesh Iyer
In today's fast-changing business world, Companies that adapt and embrace new ideas often need help to keep up with the competition. However, fostering a culture of innovation takes much work. It takes vision, leadership and willingness to take risks in the right proportion. Sachin Dev Duggal, co-founder of Builder.ai, has perfected the art of this balance, creating a company culture where creativity and growth are nurtured at each stage.
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...DanBrown980551
Do you want to learn how to model and simulate an electrical network from scratch in under an hour?
Then welcome to this PowSyBl workshop, hosted by Rte, the French Transmission System Operator (TSO)!
During the webinar, you will discover the PowSyBl ecosystem as well as handle and study an electrical network through an interactive Python notebook.
PowSyBl is an open source project hosted by LF Energy, which offers a comprehensive set of features for electrical grid modelling and simulation. Among other advanced features, PowSyBl provides:
- A fully editable and extendable library for grid component modelling;
- Visualization tools to display your network;
- Grid simulation tools, such as power flows, security analyses (with or without remedial actions) and sensitivity analyses;
The framework is mostly written in Java, with a Python binding so that Python developers can access PowSyBl functionalities as well.
What you will learn during the webinar:
- For beginners: discover PowSyBl's functionalities through a quick general presentation and the notebook, without needing any expert coding skills;
- For advanced developers: master the skills to efficiently apply PowSyBl functionalities to your real-world scenarios.
5. ANDREAS LINDH
• Swedish infosec practitioner.
• Graciously provided permission to reference his material.
• @addelindh on Twitter.
• You really should follow him (on Twitter, not in real life).
HIS PRESENTATION
• March 2015, Heidelberg, Germany.
• Really good!
• You should find and watch it.
First, some food for thought
6. “An attacker only needs to find
one weakness while the
defender needs to protect all of
them all of the time.”
“A skilled and motivated
attacker will always find a
way.”
“Attackers have bosses and
budgets too.”
7. 1. If the cost to attack is less than the value of your information / Lack of
Service to the attacker, you will be attacked.
2. You don’t need to protect against everything.
3. The attacker’s greatest strength is time.
4. Your greatest strength is space.
5. You need to increase the cost of a successful attack to a point where it’s
no longer profitable to the attacker.
Some Principles of Defender Economics
BREAK THE ATTACKER’S BUDGET
WITHOUT BREAKING YOUR OWN.
8. “1. If the cost to attack is less than the value of your
information to the attacker, you will be attacked.”
10. “3. The attacker’s greatest strength is time.”
Attacker chooses:
• When to start attacking.
• When to stop attacking.
• Which days to be active.
• Which times of day to be
active.
• Speed / size of attack.
• The timeline for any public
announcements they make.
Defence issues:
• Defender has limited timeline
awareness.
• Controls which are slower to
respond than attacker’s
evasion speed are of limited
value.
• 24x7 operation is much more
expensive for defence than
attack.
11. “4. The defender’s greatest strength is space.”
Defender designs, builds and operates the
infrastructure, applications and security controls.
DEFENDER SETS THE BUDGET FOR A
SUCCESSFUL ATTACK.
Attacker: goose.
Target: humans.
Controls: Window + sign (cheap, effective).
Budget: bread for 2 x penetration geese, 8x5 hours of operation.
Now on to the Applied Defender Economics part of the preso. Andreas Lindh is a nice guy, very smart, follow him, did a talk a few months ago. Our talk is inspired by his, we’re not using his content but we have his blessing anyway if anyone asks.
By all means remove this slide if you want but if anyone challenges you, I do have Andreas’ written permission.
Let’s start with some truisms. I normally show them one by one, ask if people agree that they’re true. Be prepared to discuss. First one is usually unanimously true, second one starts a discussion. I end it by saying “Let’s assume it is true – why then do we go to work in the morning if there’s always a way for an attacker to get in? It’s because… [CLICK] attackers have bosses and budgets too”
Let’s establish some principles (1, 2 and 5 come from Andreas and work by Dino Dai Zovi, 3 and 4 are mine).
Organisations who don’t think about these either explicitly or implicitly end up like this guy – clinging desperately to their traditional security controls like AV and firewall, hoping and praying for them to step in and actually do something useful. Meanwhile the attacker is just going at them with nothing to stop them.
So I quickly step through the principles because we go into more detail on the following slides.
Common mistake in risk management equations is to use the value of data TO YOU. Instead you should use the value of data to AN ATTACKER. A lot of organisations are under-spending on controls because their data is worth much more to an attacker than it is to themselves. Use the example of hotel check-ins which have long and detailed forms asking for all kinds of PII, but in reality all they need is a CC authorisation. Mention how a lot of hotel staff don’t even ask you to fill in all these details any more but some still do out of habit – they’re collecting data they don’t need which is of no value to them but worth a lot to an attacker.
Remember our goal is to break the attacker’s budget – this helps us to understand what that budget might be, both qualitatively and quantitatively.
(Replace these with screenshots of examples relevant to your audience)
Shock! Horror! A security vendor who isn’t telling you you need to protect against everything all the time! As defenders we should invest wisely in controls. If your website is purely informational but you maintain a database of customer records, don’t listen to the DDoS vendor when he comes knocking, spend that money on database activity monitoring instead. If on the other hand you do most of your business through your website in the cloud and your staff are mostly mobile – why on earth would you spend $$$ on a perimeter IPS?
Remember, our constraint is not to break our own budget, this helps.
This should be fairly obvious, especially to anyone who has ever done pen testing or red teaming (or actually hacked something) but so many defenders seem oblivious to this and it’s fundamentally important.
But it’s not all bad. As defenders our control of the “battlespace” means that we are setting the budget for a successful attack. That’s what we do when we buy, implement and operate security controls. We’re not trying to block everything all of the time from all adversaries – that’s not possible for anyone – we’re saying to our chosen adversaries that “the bar for getting to our data is here; you need to spend that much for your attack to be successful” and if they don’t have that much bread, we win.
As this image shows… bandwidth (or rode width) do not help as the firewall needs to have the capacity to cope
Make sure they GET the difference ! Why an ISP based cant work for layer 7
Also you can explain that while the volumetric attacks are getting bigger quarter on quarter application layer attacks are CHEAPER for the ATTACKER. We are seeing in the region of 20% more application layer attacks Q1 2016 than volumetric and this is up about 10% on Q4 2015