The document outlines the importance of developing a practical and cost-effective security strategy in light of increasing security threats, such as DDoS attacks and sophisticated bots. It discusses factors exacerbating security risks, including a larger attack surface and the growing scrutiny of data privacy. Additionally, it emphasizes the need for integrated security services, ease of use, and flat-rate pricing for effective risk management.

1. How to Build a Practical and Cost-Effective
Security Strategy

2. Today’s Speakers
Jodie Holland
Account Executive @
Cloudflare
Chris De La Garza
Solutions Engineer @
Cloudflare

3. What you will learn today
3
Key trends
causing increased
exposure to
security threats
Business impact of
volumetric layer 3/4
attacks, intelligent
layer 7 attacks, and
bots
Technical overview
of integrated
security services in
the cloud
How do you build a
practical and
cost-effective
security strategy?

4. What does the threat landscape look like?

5. Factors increasing exposure to security risks
Greater scrutiny by
government and media
around data, privacy
and security
Greater attack surface area
from more public APIs, moving
to the cloud, and increasing
third-party integrations
Stronger and more
sophisticated attackers

6. Customers’ Security Threats
SYSTEM
DDoS Attack
Attack traffic impacts
availability or performance
Bots
Prevent malicious bots from
abusing site or application
Webpage
Vulnerable Applications
and APIs
Multi-vector attacks that exploit
vulnerabilities

7. Volumetric DNS Flood
Bots
DNS Server
DNS Server Server
Amplification (Layer 3 & 4)
HTTP Flood (Layer 7)
1
2
Bots
3
Bots
Degrades availability and performance of applications, websites, and APIs
HTTP
Application
Application/Login
Types of DDoS Attack Traffic
In-Depth
In-Depth

8. Lost customer trust
and degraded brand value
Lost revenue from
site downtime or higher costs
from bad traffic
Business Impacts Business Impact
● $100,000 is the average
hourly cost of an
infrastructure failure
● $141 average cost for
each lost or stolen
record containing
sensitive and
confidential information
● $3.62 million is the
average total cost of a
data breach
Cost categories:
Remediation costs (hardware, services, and software), lost revenue, lost future revenue from
customer churn, wasted marketing spend, negative brand impact, help desk costs, increase IT
staffing costs, loss of user productivity
IDC March 2015, and Ponemon Institute, June 2017

9. Building a practical and cost-effective
security strategy

10. What customers tell us they want
Scale
Resilience and intelligence
combat the biggest and
newest attacks
Ease-of-use
Intuitive UI and API
enable agile configuration
and administration
Speed
Improve performance
through integrated traffic
acceleration and low-latency
security services

11. Flat Rate Pricing
No hidden fees
No professional service charges
Traffic/Bandwidth
Time
Flat rate
Avoid unpredictable
cost from traffic spikes
Both good and attack traffic
with fixed pricing

12. Chris De La Garza, Solutions Engineer

13. Cloudflare Web Application Firewall (WAF) Cloudflare WAF
Statistics
• Analyzes 8.7 million HTTP
requests / sec. across 19m
domains
• Triggers 0.5B rules / day
• 0.3ms rule processing time
and 30 second world wide
rule propagation times
Unique intelligence to protect
against Zero-Day and new
threat vulnerabilities
88% of triggered WAF events are Cloudflare
rules – OWASP is no longer enough

14. Cloudflare Access
Secure Application Access Without A VPN
Control User Access to Applications
Enforce access to specific applications on a per-user
basis with easy-to-create and manage rules.
Deploy and Manage Access Control Quickly
Leverage existing identity providers and authenticate on
the Cloudflare global network to provide Single Sign On.
Deliver Fast Applications to Devices Anywhere
Users get easy, secure, and fast access to internal
applications wherever they are, from whatever device.
Monitor User Access and Change Logs
View and search real-time access logs in the dashboard
or integrate with a third party SIEM.
C
loudflare
Access

15. Introducing Cloudflare Spectrum
DDoS Protection at L4
● Mitigate DDoS for TCP/UDP Protocols and
Ports; Block Traffic by IP or IP Range
● Fast Performance for both TCP and UDP
● Easy to configure on a per-app basis and
scalable

16. Firewall Analytics

17. Firewall Analytics

18. 193Cities and 90+ Countries
170B
DNS queries per day, 5 trillion
DNS queries per month
44BCyber threats blocked each
day
Internet properties
(websites, apps & APIs)
20M+
1B
Unique IP address
pass every day
At the core of our service is our network
18

19. Questions?

20. Thank you!
jodie@cloudflare.com
512-536-0498