SlideShare a Scribd company logo

Jeroen Wijdogen (Akamai) | TU - Hacks & Attacks

Media Perspectives
Media Perspectives

Presentatie slides van Jeroen Wijdogen - Enterprise Security Architect bij Akamai Technology Update - Hacks & Attacks 17 februari 2015 - Hilversum

Internet
1 of 34
Download to read offline
Akamai Web Security – DDOS: is there a threat? Jeroen Wijdogen, Enterprise Security Architect
©2014 AKAMAI | FASTER FORWARDTM What is a Cyber Attack?
©2014 AKAMAI | FASTER FORWARDTM Avoid data theft and downtime by extending the security perimeter outside the data-center and protect from increasing frequency, scale and sophistication of web attacks. Types of Attacks Application (Layer 6-7) • Zero Day, SlowLoris, Buffer Overflows, SQL Injections, Cookie Poisoning • Number of Requests Rps Protocol (Layer 4-5) • Syn Floods, Fragmented Packet, SMURF and Ping of Death • Size of Packets (Xbps) Volumetric (Layer 3) • ICMP echo, IP Spoofing, UDP Reflection attacks • Numbers of packets (Xpps) Application Presentation Session Transport Network Data Link Physical 6-7 4-5 3 OSI Model
©2014 AKAMAI | FASTER FORWARDTM Avoid data theft and downtime by extending the security perimeter outside the data-center and protect from increasing frequency, scale and sophistication of web attacks. Layer 3 DDoS / Volumetric Attack LB R RBandwidth HTTP OS / WIN DNS DDOS Too much traffic ICMP echo, IP Spoofing, UDP Reflection attacks Attacks measured in Xbps 404 /408 Error
©2014 AKAMAI | FASTER FORWARDTM Avoid data theft and downtime by extending the security perimeter outside the data-center and protect from increasing frequency, scale and sophistication of web attacks. Layer 4 DDoS / Protocol Attack RBandwidth HTTP OS / WIN DNS DDOS Overload Protocol Requests Syn Floods, Fragmented Packet, SMURF and Ping of Death LB Router Firewall 404 Error
©2014 AKAMAI | FASTER FORWARDTM Avoid data theft and downtime by extending the security perimeter outside the data-center and protect from increasing frequency, scale and sophistication of web attacks. Layer 7 DDoS / Application Attacks Bandwidth DDOS Low & slow exploiting Application and OS vulnerabilities Zero Day, SlowLoris, Buffer Overflows, SQL Injections, Cookie Poisoning Router Firewall No Access IDS HTTP OS / WIN DNS SMTP VOIP
©2014 AKAMAI | FASTER FORWARDTM Avoid data theft and downtime by extending the security perimeter outside the data-center and protect from increasing frequency, scale and sophistication of web attacks. Hacker send out a UDP packet spoofed source 10.12.13.4 NTP mon list request 1 NTP Amplification (Volume metric attack) how it works Abusable NTP Servers Target 10.12.13.4
©2014 AKAMAI | FASTER FORWARDTM Avoid data theft and downtime by extending the security perimeter outside the data-center and protect from increasing frequency, scale and sophistication of web attacks. NTP Amplification (Volume metric attack) how it works Abusable NTP Servers Target 10.12.13.4 2 NTP monlist reply upto 500 packets from original servers to the target
©2014 AKAMAI | FASTER FORWARDTM DDoS: What is a Botnet see the different layers
©2014 AKAMAI | FASTER FORWARDTM To exhaust load balancer and application server resources To bypass load balancers & CDN caches To bypass IDS/IPS and overload load balancers To bypass threshold- based mitigation To seem like regular visitors Legitimate Requests Low and slow Encrypted traffic Random request parameters High rate of repetitive requests Why DDoS Attacks Are Hard to Stop DDoS = Resource Exhaustion
©2014 AKAMAI | FASTER FORWARDTM Grow revenue opportunities with fast, personalized web experiences and manage complexity from peak demand, mobile devices and data collection. See the black sheep? Question: What Type of attacks do we visualize here?
©2014 AKAMAI | FASTER FORWARDTM Attack report Data
©2014 AKAMAI | FASTER FORWARDTM Attack spotlight Q3 2014 – GAMING TLP = GREEN
©2014 AKAMAI | FASTER FORWARDTM2.81% 6.39% 1.28% 9.58% 9.71% 1.40% 0.26% 14.56% 0.38% 0.13% 13.15% 17.11% 0.26% 19.91% 0.64% 1.53% 0.77% 0.13% 3.81% 3.92% 0.42% 0.21% 7.42% 8.05% 0.64% 0.11% 0.21% 7.31% 23.09% 0.42% 15.25% 13.88% 4.56% 8.90% 0.53% 0.64% 0.42% 0.21% 2.76% 5.19% 0.27% 0.13% 10.51% 4.18% 0.94% 0.27% 0.40% 0.67% 14.62% 16.91% 0.07% 0.07% 10.58% 13.95% 8.15% 8.42% 0.20% 1.15% 0.54% 0% 5% 10% 15% 20% 25% ACK CHARGEN FIN Floods FIN PUSH DNS ICMP RESET RIP RAINBOW RP SNMP SSDP SYN SYN PUSH TCP Fragment UDP Floods UDP Fragment IGMP Fragment NTP HTTP GET HEAD HTTP POST PUSH SSL GET SSL POST Q4 2014 Q3 2014 Q4 2013
©2014 AKAMAI | FASTER FORWARDTM Average attack bandwidth (Gigabits per second) 4.21 13.93 6.41 0 2 4 6 8 10 12 14 16 Q4 2013 Q3 2014 Q4 2014 Gbps
©2014 AKAMAI | FASTER FORWARDTM Average attack volume (Million packets per second) Mpps 10.09 13.29 2.31 0 2 4 6 8 10 12 14 16 Q4 2013 Q3 2014 Q4 2014
©2014 AKAMAI | FASTER FORWARDTM NTP servers op het Internet Zie hier publiek benaderbare NTP servers. En hier de vulnerable NTP servers, Die vulnerable zijn voor het monlist commando +/- 100K !! https://ntpmonitorscan.shadowserver.org/stats/http://openntpproject.org/ntp-stats1.cgi
©2014 AKAMAI | FASTER FORWARDTM Multi-vector attacks 46.24 53.26 44.14 0 10 20 30 40 50 60 Q4 2013 Q3 2014 Q4 2014
©2014 AKAMAI | FASTER FORWARDTM Attacks over 100 Gbps Media 0 20 40 60 80 100 120 140 160 180 SaaS EnablementGambling/Gaming
©2014 AKAMAI | FASTER FORWARDTM Avoid data theft and downtime by extending the security perimeter outside the data-center and protect from increasing frequency, scale and sophistication of web attacks. Know the Enemy – Motivation can come from anywhere?
©2014 AKAMAI | FASTER FORWARDTM Avoid data theft and downtime by extending the security perimeter outside the data-center and protect from increasing frequency, scale and sophistication of web attacks. DDoS: How bad is it today recent example?
©2014 AKAMAI | FASTER FORWARDTM Avoid data theft and downtime by extending the security perimeter outside the data-center and protect from increasing frequency, scale and sophistication of web attacks. DDoS: Is there a threat? Launched Christmas 2014 and untill january (hacked) 13,000 users signed up for the LizardStresser service: •  about 250 actually did anything with it: •  More than half the users launched less than 20 short attacks; •  (could purchase from 100 seconds several days) •  Pricing from $6 upto $500 •  with only 30 users launching more than 100 •  16000 attacks launched in total! * Information from: http://arstechnica.com/security/2015/01/a-hacked-ddos-on-demand-site-offers-a-look-into-mind-of-booter-users/
©2014 AKAMAI | FASTER FORWARDTM Avoid data theft and downtime by extending the security perimeter outside the data-center and protect from increasing frequency, scale and sophistication of web attacks. DDoS: Tools/ What is happening now? 53% 109% 83% 39% 100% 164% 51% 61% 144% 48% 69% 53% 335% 1100% 0%   200%   400%   600%   800%   1000%   1200%   1-­‐Oct   8-­‐Oct   15-­‐Oct   22-­‐Oct   29-­‐Oct   5-­‐Nov   12-­‐Nov   19-­‐Nov   26-­‐Nov   3-­‐Dec   10-­‐Dec   17-­‐Dec   24-­‐Dec   31-­‐Dec   Akamai Changes in DDoS attacks per week Q4 2014 vs. Q4 2013
©2014 AKAMAI | FASTER FORWARDTM Lizardsquad is it over?
©2014 AKAMAI | FASTER FORWARDTM Avoid data theft and downtime by extending the security perimeter outside the data-center and protect from increasing frequency, scale and sophistication of web attacks. DDoS: Security is like Dental Floss? •  Small Displine •  Have Commitment to make it work Het gaat er niet om wat de kans is of je wordt aangevallen maar wat is de impact als het gebeurd!
©2014 AKAMAI | FASTER FORWARDTM Questionnaire “ How vulnerable are you?” Hoe kwetsbaar ben je, wie zou een aanval op de media kunnen lanceren?
©2014 AKAMAI | FASTER FORWARDTM Avoid data theft and downtime by extending the security perimeter outside the data-center and protect from increasing frequency, scale and sophistication of web attacks. High performance Protect websites from DDoS and Web attacks while improving performance Akamai Edge Network Massive scale More than 157,000 servers deployed in over 1200 networks and 92 countries Distributed resources Users and attackers connect to websites through the closest edge server Built-in resiliency Built on the assumption that individual components will fail
©2014 AKAMAI | FASTER FORWARDTM Avoid data theft and downtime by extending the security perimeter outside the data-center and protect from increasing frequency, scale and sophistication of web attacks. Data Center Protection Services (plx – Prolexic) Web Site Protection Services (KSD - Kona) Akamai Web Security Solutions Portofolio ©2013 AKAMAI | FASTER FORWARDTM Number of applications LevelofProtection(complexicty)
©2014 AKAMAI | FASTER FORWARDTM Avoid data theft and downtime by extending the security perimeter outside the data-center and protect from increasing frequency, scale and sophistication of web attacks. Protecting Multiple Perimeters in the Cloud
©2014 AKAMAI | FASTER FORWARDTM Avoid data theft and downtime by extending the security perimeter outside the data-center and protect from increasing frequency, scale and sophistication of web attacks. 7 Layers of Web Application Firewall Defense 1.  Scale 150,000 servers inline and always on 2.  Reverse Proxy Automatically drops traffic not on port 80 or port 443 3.  Geo-based blocking Refuse requests from customer-selected list of countries 4.  Validate against known list of attackers Positive or negative security model (black or white lists) 5.  Rate Controls Block requests that are too fast or too slow (anomaly scoring) 6.  Kona Rule Set WAF rules continuously refined based on visibility into web 7.  Caching Dynamic and static caching to serve requests
©2014 AKAMAI | FASTER FORWARDTM Avoid data theft and downtime by extending the security perimeter outside the data-center and protect from increasing frequency, scale and sophistication of web attacks. Global DDoS Mitigation Network ©2014 AKAMAI
©2014 AKAMAI | FASTER FORWARDTM DDoS: Trends / problems in a CyberAttack Scale! Losse tools probleem Human Intelligence needed
©2014 AKAMAI | FASTER FORWARDTM DDoS: Trends in DDOS Complexiteit neemt toe! 2.81% 6.39% 1.28% 9.58% 9.71% 1.40% 0.26% 14.56% 0.38% 0.13% 13.15% 17.11% 0.26% 19.91% 0.64% 1.53% 0.77% 0.13% 3.81% 3.92% 0.42% 0.21% 7.42% 8.05% 0.64% 0.11% 0.21% 7.31% 23.09% 0.42% 15.25% 13.88% 4.56% 8.90% 0.53% 0.64% 0.42% 0.21% 2.76% 5.19% 0.27% 0.13% 10.51% 4.18% 0.94% 0.27% 0.40% 0.67% 14.62% 16.91% 0.07% 0.07% 10.58% 13.95% 8.15% 8.42% 0.20% 1.15% 0.54% 0% 5% 10% 15% 20% 25% ACK CHARGEN FIN Floods FIN PUSH DNS ICMP RESET RIP RAINBOW RP SNMP SSDP SYN SYN PUSH TCP Fragment UDP Floods UDP Fragment IGMP Fragment NTP HTTP GET HEAD HTTP POST PUSH SSL GET SSL POST Q4 2014 Q3 2014 Q4 2013
Questions?

Recommended

Preparing for the Imminent Terabit DDoS Attack
Preparing for the Imminent Terabit DDoS AttackPreparing for the Imminent Terabit DDoS Attack
Preparing for the Imminent Terabit DDoS Attack
Imperva
 
AWS Cloud Security From the Point of View of the Compliance
AWS Cloud Security From the Point of View of the ComplianceAWS Cloud Security From the Point of View of the Compliance
AWS Cloud Security From the Point of View of the Compliance
Yury Chemerkin
 
Migrating from Akamai to Incapsula: What You Need to Know
Migrating from Akamai to Incapsula: What You Need to KnowMigrating from Akamai to Incapsula: What You Need to Know
Migrating from Akamai to Incapsula: What You Need to Know
Imperva Incapsula
 
Incapsula: How to Increase SaaS Websites’ Uptime and Accelerate Performance
Incapsula: How to Increase SaaS Websites’ Uptime and Accelerate PerformanceIncapsula: How to Increase SaaS Websites’ Uptime and Accelerate Performance
Incapsula: How to Increase SaaS Websites’ Uptime and Accelerate Performance
Imperva Incapsula
 
An Inside Look at a Sophisticated Multi-Vector DDoS Attack
An Inside Look at a Sophisticated Multi-Vector DDoS AttackAn Inside Look at a Sophisticated Multi-Vector DDoS Attack
An Inside Look at a Sophisticated Multi-Vector DDoS Attack
Imperva Incapsula
 
[Webinar] DDoS Pentester Reveals: How Hackers Find Your Website’s Weak Points...
[Webinar] DDoS Pentester Reveals: How Hackers Find Your Website’s Weak Points...[Webinar] DDoS Pentester Reveals: How Hackers Find Your Website’s Weak Points...
[Webinar] DDoS Pentester Reveals: How Hackers Find Your Website’s Weak Points...
Imperva Incapsula
 
PLNOG15 :DDOS Attacks & Collateral Damage. Can we avoid it? Asraf Ali
PLNOG15 :DDOS Attacks & Collateral Damage. Can we avoid it? Asraf AliPLNOG15 :DDOS Attacks & Collateral Damage. Can we avoid it? Asraf Ali
PLNOG15 :DDOS Attacks & Collateral Damage. Can we avoid it? Asraf Ali
Marta Pacyga
 
DNS and Infrastracture DDoS Protection
DNS and Infrastracture DDoS ProtectionDNS and Infrastracture DDoS Protection
DNS and Infrastracture DDoS Protection
Imperva Incapsula
 

Recommended

Preparing for the Imminent Terabit DDoS Attack
Preparing for the Imminent Terabit DDoS AttackPreparing for the Imminent Terabit DDoS Attack
Preparing for the Imminent Terabit DDoS Attack
Imperva
 
AWS Cloud Security From the Point of View of the Compliance
AWS Cloud Security From the Point of View of the ComplianceAWS Cloud Security From the Point of View of the Compliance
AWS Cloud Security From the Point of View of the Compliance
Yury Chemerkin
 
Migrating from Akamai to Incapsula: What You Need to Know
Migrating from Akamai to Incapsula: What You Need to KnowMigrating from Akamai to Incapsula: What You Need to Know
Migrating from Akamai to Incapsula: What You Need to Know
Imperva Incapsula
 
Incapsula: How to Increase SaaS Websites’ Uptime and Accelerate Performance
Incapsula: How to Increase SaaS Websites’ Uptime and Accelerate PerformanceIncapsula: How to Increase SaaS Websites’ Uptime and Accelerate Performance
Incapsula: How to Increase SaaS Websites’ Uptime and Accelerate Performance
Imperva Incapsula
 
An Inside Look at a Sophisticated Multi-Vector DDoS Attack
An Inside Look at a Sophisticated Multi-Vector DDoS AttackAn Inside Look at a Sophisticated Multi-Vector DDoS Attack
An Inside Look at a Sophisticated Multi-Vector DDoS Attack
Imperva Incapsula
 
[Webinar] DDoS Pentester Reveals: How Hackers Find Your Website’s Weak Points...
[Webinar] DDoS Pentester Reveals: How Hackers Find Your Website’s Weak Points...[Webinar] DDoS Pentester Reveals: How Hackers Find Your Website’s Weak Points...
[Webinar] DDoS Pentester Reveals: How Hackers Find Your Website’s Weak Points...
Imperva Incapsula
 
PLNOG15 :DDOS Attacks & Collateral Damage. Can we avoid it? Asraf Ali
PLNOG15 :DDOS Attacks & Collateral Damage. Can we avoid it? Asraf AliPLNOG15 :DDOS Attacks & Collateral Damage. Can we avoid it? Asraf Ali
PLNOG15 :DDOS Attacks & Collateral Damage. Can we avoid it? Asraf Ali
Marta Pacyga
 
DNS and Infrastracture DDoS Protection
DNS and Infrastracture DDoS ProtectionDNS and Infrastracture DDoS Protection
DNS and Infrastracture DDoS Protection
Imperva Incapsula
 
E-commerce Optimization: Using Load Balancing and CDN to Improve Website Perf...
E-commerce Optimization: Using Load Balancing and CDN to Improve Website Perf...E-commerce Optimization: Using Load Balancing and CDN to Improve Website Perf...
E-commerce Optimization: Using Load Balancing and CDN to Improve Website Perf...
Imperva Incapsula
 
How to Reduce Latency with Cloudflare Argo Smart Routing
How to Reduce Latency with Cloudflare Argo Smart RoutingHow to Reduce Latency with Cloudflare Argo Smart Routing
How to Reduce Latency with Cloudflare Argo Smart Routing
Cloudflare
 
Is the Cloud Going to Kill Traditional Application Delivery?
Is the Cloud Going to Kill Traditional Application Delivery?Is the Cloud Going to Kill Traditional Application Delivery?
Is the Cloud Going to Kill Traditional Application Delivery?
Imperva Incapsula
 
Protection and Visibitlity of Encrypted Traffic by F5
Protection and Visibitlity of Encrypted Traffic by F5Protection and Visibitlity of Encrypted Traffic by F5
Protection and Visibitlity of Encrypted Traffic by F5
Bangladesh Network Operators Group
 
5 Steps to a Secure Hybrid Architecture - Session Sponsored by Palo Alto Netw...
5 Steps to a Secure Hybrid Architecture - Session Sponsored by Palo Alto Netw...5 Steps to a Secure Hybrid Architecture - Session Sponsored by Palo Alto Netw...
5 Steps to a Secure Hybrid Architecture - Session Sponsored by Palo Alto Netw...
Amazon Web Services
 
Presentación - Cisco ASA with FirePOWER Services
Presentación - Cisco ASA with FirePOWER ServicesPresentación - Cisco ASA with FirePOWER Services
Presentación - Cisco ASA with FirePOWER Services
Oscar Romano
 
Building Up Network Security: Intrusion Prevention and Sourcefire
Building Up Network Security: Intrusion Prevention and SourcefireBuilding Up Network Security: Intrusion Prevention and Sourcefire
Building Up Network Security: Intrusion Prevention and Sourcefire
Global Knowledge Training
 
Protect Your Assets with Single IP DDoS Protection
Protect Your Assets with Single IP DDoS ProtectionProtect Your Assets with Single IP DDoS Protection
Protect Your Assets with Single IP DDoS Protection
Imperva Incapsula
 
Cisco ASA con fire power services
Cisco ASA con fire power services Cisco ASA con fire power services
Cisco ASA con fire power services
Felipe Lamus
 
DDoS Protection System DPS
DDoS Protection System DPSDDoS Protection System DPS
DDoS Protection System DPS
Alexander Velikiy
 
A DevOps Guide to Web Application Security
A DevOps Guide to Web Application SecurityA DevOps Guide to Web Application Security
A DevOps Guide to Web Application Security
Imperva Incapsula
 
Hol 1940-01-net pdf-en
Hol 1940-01-net pdf-enHol 1940-01-net pdf-en
Hol 1940-01-net pdf-en
dborsan
 
Usage Based Metering in the Cloud (Subscribed13)
Usage Based Metering in the Cloud (Subscribed13)Usage Based Metering in the Cloud (Subscribed13)
Usage Based Metering in the Cloud (Subscribed13)
Zuora, Inc.
 
Using a secured, cloud-delivered SD-WAN to transform your business network
Using a secured, cloud-delivered SD-WAN to transform your business networkUsing a secured, cloud-delivered SD-WAN to transform your business network
Using a secured, cloud-delivered SD-WAN to transform your business network
Netpluz Asia Pte Ltd
 
Secure & Protect your Data with Druva
Secure & Protect your Data with Druva Secure & Protect your Data with Druva
Secure & Protect your Data with Druva
Netpluz Asia Pte Ltd
 
VMworld 2013: VMware NSX with Next-Generation Security by Palo Alto Networks
VMworld 2013: VMware NSX with Next-Generation Security by Palo Alto Networks VMworld 2013: VMware NSX with Next-Generation Security by Palo Alto Networks
VMworld 2013: VMware NSX with Next-Generation Security by Palo Alto Networks
VMworld
 
Symantec Endpoint Suite
Symantec Endpoint SuiteSymantec Endpoint Suite
Symantec Endpoint Suite
MarketingArrowECS_CZ
 
Palo Alto Virtual firewall deployment Architecture
Palo Alto Virtual firewall deployment Architecture Palo Alto Virtual firewall deployment Architecture
Palo Alto Virtual firewall deployment Architecture
Ajeet Singh
 
End-to-Eend security with Palo Alto Networks (Onur Kasap, Palo Alto Networks)
End-to-Eend security with Palo Alto Networks (Onur Kasap, Palo Alto Networks)End-to-Eend security with Palo Alto Networks (Onur Kasap, Palo Alto Networks)
End-to-Eend security with Palo Alto Networks (Onur Kasap, Palo Alto Networks)
BAKOTECH
 
The Network as a Sensor, Cisco and Lancope
The Network as a Sensor, Cisco and LancopeThe Network as a Sensor, Cisco and Lancope
The Network as a Sensor, Cisco and Lancope
Cisco Enterprise Networks
 
Rhel5
Rhel5Rhel5
Rhel5
Yash Gulati
 
Responsive In The Wild, 2014
Responsive In The Wild, 2014Responsive In The Wild, 2014
Responsive In The Wild, 2014
Guy Podjarny
 

More Related Content

What's hot

E-commerce Optimization: Using Load Balancing and CDN to Improve Website Perf...
E-commerce Optimization: Using Load Balancing and CDN to Improve Website Perf...E-commerce Optimization: Using Load Balancing and CDN to Improve Website Perf...
E-commerce Optimization: Using Load Balancing and CDN to Improve Website Perf...
Imperva Incapsula
 
How to Reduce Latency with Cloudflare Argo Smart Routing
How to Reduce Latency with Cloudflare Argo Smart RoutingHow to Reduce Latency with Cloudflare Argo Smart Routing
How to Reduce Latency with Cloudflare Argo Smart Routing
Cloudflare
 
Is the Cloud Going to Kill Traditional Application Delivery?
Is the Cloud Going to Kill Traditional Application Delivery?Is the Cloud Going to Kill Traditional Application Delivery?
Is the Cloud Going to Kill Traditional Application Delivery?
Imperva Incapsula
 
Protection and Visibitlity of Encrypted Traffic by F5
Protection and Visibitlity of Encrypted Traffic by F5Protection and Visibitlity of Encrypted Traffic by F5
Protection and Visibitlity of Encrypted Traffic by F5
Bangladesh Network Operators Group
 
5 Steps to a Secure Hybrid Architecture - Session Sponsored by Palo Alto Netw...
5 Steps to a Secure Hybrid Architecture - Session Sponsored by Palo Alto Netw...5 Steps to a Secure Hybrid Architecture - Session Sponsored by Palo Alto Netw...
5 Steps to a Secure Hybrid Architecture - Session Sponsored by Palo Alto Netw...
Amazon Web Services
 
Presentación - Cisco ASA with FirePOWER Services
Presentación - Cisco ASA with FirePOWER ServicesPresentación - Cisco ASA with FirePOWER Services
Presentación - Cisco ASA with FirePOWER Services
Oscar Romano
 
Building Up Network Security: Intrusion Prevention and Sourcefire
Building Up Network Security: Intrusion Prevention and SourcefireBuilding Up Network Security: Intrusion Prevention and Sourcefire
Building Up Network Security: Intrusion Prevention and Sourcefire
Global Knowledge Training
 
Protect Your Assets with Single IP DDoS Protection
Protect Your Assets with Single IP DDoS ProtectionProtect Your Assets with Single IP DDoS Protection
Protect Your Assets with Single IP DDoS Protection
Imperva Incapsula
 
Cisco ASA con fire power services
Cisco ASA con fire power services Cisco ASA con fire power services
Cisco ASA con fire power services
Felipe Lamus
 
DDoS Protection System DPS
DDoS Protection System DPSDDoS Protection System DPS
DDoS Protection System DPS
Alexander Velikiy
 
A DevOps Guide to Web Application Security
A DevOps Guide to Web Application SecurityA DevOps Guide to Web Application Security
A DevOps Guide to Web Application Security
Imperva Incapsula
 
Hol 1940-01-net pdf-en
Hol 1940-01-net pdf-enHol 1940-01-net pdf-en
Hol 1940-01-net pdf-en
dborsan
 
Usage Based Metering in the Cloud (Subscribed13)
Usage Based Metering in the Cloud (Subscribed13)Usage Based Metering in the Cloud (Subscribed13)
Usage Based Metering in the Cloud (Subscribed13)
Zuora, Inc.
 
Using a secured, cloud-delivered SD-WAN to transform your business network
Using a secured, cloud-delivered SD-WAN to transform your business networkUsing a secured, cloud-delivered SD-WAN to transform your business network
Using a secured, cloud-delivered SD-WAN to transform your business network
Netpluz Asia Pte Ltd
 
Secure & Protect your Data with Druva
Secure & Protect your Data with Druva Secure & Protect your Data with Druva
Secure & Protect your Data with Druva
Netpluz Asia Pte Ltd
 
VMworld 2013: VMware NSX with Next-Generation Security by Palo Alto Networks
VMworld 2013: VMware NSX with Next-Generation Security by Palo Alto Networks VMworld 2013: VMware NSX with Next-Generation Security by Palo Alto Networks
VMworld 2013: VMware NSX with Next-Generation Security by Palo Alto Networks
VMworld
 
Symantec Endpoint Suite
Symantec Endpoint SuiteSymantec Endpoint Suite
Symantec Endpoint Suite
MarketingArrowECS_CZ
 
Palo Alto Virtual firewall deployment Architecture
Palo Alto Virtual firewall deployment Architecture Palo Alto Virtual firewall deployment Architecture
Palo Alto Virtual firewall deployment Architecture
Ajeet Singh
 
End-to-Eend security with Palo Alto Networks (Onur Kasap, Palo Alto Networks)
End-to-Eend security with Palo Alto Networks (Onur Kasap, Palo Alto Networks)End-to-Eend security with Palo Alto Networks (Onur Kasap, Palo Alto Networks)
End-to-Eend security with Palo Alto Networks (Onur Kasap, Palo Alto Networks)
BAKOTECH
 
The Network as a Sensor, Cisco and Lancope
The Network as a Sensor, Cisco and LancopeThe Network as a Sensor, Cisco and Lancope
The Network as a Sensor, Cisco and Lancope
Cisco Enterprise Networks
 

What's hot (20)

E-commerce Optimization: Using Load Balancing and CDN to Improve Website Perf...
E-commerce Optimization: Using Load Balancing and CDN to Improve Website Perf...E-commerce Optimization: Using Load Balancing and CDN to Improve Website Perf...
E-commerce Optimization: Using Load Balancing and CDN to Improve Website Perf...
 
How to Reduce Latency with Cloudflare Argo Smart Routing
How to Reduce Latency with Cloudflare Argo Smart RoutingHow to Reduce Latency with Cloudflare Argo Smart Routing
How to Reduce Latency with Cloudflare Argo Smart Routing
 
Is the Cloud Going to Kill Traditional Application Delivery?
Is the Cloud Going to Kill Traditional Application Delivery?Is the Cloud Going to Kill Traditional Application Delivery?
Is the Cloud Going to Kill Traditional Application Delivery?
 
Protection and Visibitlity of Encrypted Traffic by F5
Protection and Visibitlity of Encrypted Traffic by F5Protection and Visibitlity of Encrypted Traffic by F5
Protection and Visibitlity of Encrypted Traffic by F5
 
5 Steps to a Secure Hybrid Architecture - Session Sponsored by Palo Alto Netw...
5 Steps to a Secure Hybrid Architecture - Session Sponsored by Palo Alto Netw...5 Steps to a Secure Hybrid Architecture - Session Sponsored by Palo Alto Netw...
5 Steps to a Secure Hybrid Architecture - Session Sponsored by Palo Alto Netw...
 
Presentación - Cisco ASA with FirePOWER Services
Presentación - Cisco ASA with FirePOWER ServicesPresentación - Cisco ASA with FirePOWER Services
Presentación - Cisco ASA with FirePOWER Services
 
Building Up Network Security: Intrusion Prevention and Sourcefire
Building Up Network Security: Intrusion Prevention and SourcefireBuilding Up Network Security: Intrusion Prevention and Sourcefire
Building Up Network Security: Intrusion Prevention and Sourcefire
 
Protect Your Assets with Single IP DDoS Protection
Protect Your Assets with Single IP DDoS ProtectionProtect Your Assets with Single IP DDoS Protection
Protect Your Assets with Single IP DDoS Protection
 
Cisco ASA con fire power services
Cisco ASA con fire power services Cisco ASA con fire power services
Cisco ASA con fire power services
 
DDoS Protection System DPS
DDoS Protection System DPSDDoS Protection System DPS
DDoS Protection System DPS
 
A DevOps Guide to Web Application Security
A DevOps Guide to Web Application SecurityA DevOps Guide to Web Application Security
A DevOps Guide to Web Application Security
 
Hol 1940-01-net pdf-en
Hol 1940-01-net pdf-enHol 1940-01-net pdf-en
Hol 1940-01-net pdf-en
 
Usage Based Metering in the Cloud (Subscribed13)
Usage Based Metering in the Cloud (Subscribed13)Usage Based Metering in the Cloud (Subscribed13)
Usage Based Metering in the Cloud (Subscribed13)
 
Using a secured, cloud-delivered SD-WAN to transform your business network
Using a secured, cloud-delivered SD-WAN to transform your business networkUsing a secured, cloud-delivered SD-WAN to transform your business network
Using a secured, cloud-delivered SD-WAN to transform your business network
 
Secure & Protect your Data with Druva
Secure & Protect your Data with Druva Secure & Protect your Data with Druva
Secure & Protect your Data with Druva
 
VMworld 2013: VMware NSX with Next-Generation Security by Palo Alto Networks
VMworld 2013: VMware NSX with Next-Generation Security by Palo Alto Networks VMworld 2013: VMware NSX with Next-Generation Security by Palo Alto Networks
VMworld 2013: VMware NSX with Next-Generation Security by Palo Alto Networks
 
Symantec Endpoint Suite
Symantec Endpoint SuiteSymantec Endpoint Suite
Symantec Endpoint Suite
 
Palo Alto Virtual firewall deployment Architecture
Palo Alto Virtual firewall deployment Architecture Palo Alto Virtual firewall deployment Architecture
Palo Alto Virtual firewall deployment Architecture
 
End-to-Eend security with Palo Alto Networks (Onur Kasap, Palo Alto Networks)
End-to-Eend security with Palo Alto Networks (Onur Kasap, Palo Alto Networks)End-to-Eend security with Palo Alto Networks (Onur Kasap, Palo Alto Networks)
End-to-Eend security with Palo Alto Networks (Onur Kasap, Palo Alto Networks)
 
The Network as a Sensor, Cisco and Lancope
The Network as a Sensor, Cisco and LancopeThe Network as a Sensor, Cisco and Lancope
The Network as a Sensor, Cisco and Lancope
 

Viewers also liked

Rhel5
Rhel5Rhel5
Rhel5
Yash Gulati
 
Responsive In The Wild, 2014
Responsive In The Wild, 2014Responsive In The Wild, 2014
Responsive In The Wild, 2014
Guy Podjarny
 
Akamai corporate presentation english
Akamai corporate presentation englishAkamai corporate presentation english
Akamai corporate presentation english
Jonny Nässlander
 
Key Reasons Customers Choose Akamai
Key Reasons Customers Choose Akamai Key Reasons Customers Choose Akamai
Key Reasons Customers Choose Akamai
Akamai Technologies
 
Akamai 2016 Investor Relations Summit Presentation
Akamai 2016 Investor Relations Summit PresentationAkamai 2016 Investor Relations Summit Presentation
Akamai 2016 Investor Relations Summit Presentation
Liz Bradley
 
BrightonSEO Sep 2015 - HTTPS | Mark Thomas
BrightonSEO Sep 2015 - HTTPS | Mark Thomas BrightonSEO Sep 2015 - HTTPS | Mark Thomas
BrightonSEO Sep 2015 - HTTPS | Mark Thomas
Anna Morrison
 
HTTPS: What, Why and How (SmashingConf Freiburg, Sep 2015)
HTTPS: What, Why and How (SmashingConf Freiburg, Sep 2015)HTTPS: What, Why and How (SmashingConf Freiburg, Sep 2015)
HTTPS: What, Why and How (SmashingConf Freiburg, Sep 2015)
Guy Podjarny
 
Http Vs Https .
Http Vs Https . Http Vs Https .
Http Vs Https .
simplyharshad
 

Viewers also liked (8)

Rhel5
Rhel5Rhel5
Rhel5
 
Responsive In The Wild, 2014
Responsive In The Wild, 2014Responsive In The Wild, 2014
Responsive In The Wild, 2014
 
Akamai corporate presentation english
Akamai corporate presentation englishAkamai corporate presentation english
Akamai corporate presentation english
 
Key Reasons Customers Choose Akamai
Key Reasons Customers Choose Akamai Key Reasons Customers Choose Akamai
Key Reasons Customers Choose Akamai
 
Akamai 2016 Investor Relations Summit Presentation
Akamai 2016 Investor Relations Summit PresentationAkamai 2016 Investor Relations Summit Presentation
Akamai 2016 Investor Relations Summit Presentation
 
BrightonSEO Sep 2015 - HTTPS | Mark Thomas
BrightonSEO Sep 2015 - HTTPS | Mark Thomas BrightonSEO Sep 2015 - HTTPS | Mark Thomas
BrightonSEO Sep 2015 - HTTPS | Mark Thomas
 
HTTPS: What, Why and How (SmashingConf Freiburg, Sep 2015)
HTTPS: What, Why and How (SmashingConf Freiburg, Sep 2015)HTTPS: What, Why and How (SmashingConf Freiburg, Sep 2015)
HTTPS: What, Why and How (SmashingConf Freiburg, Sep 2015)
 
Http Vs Https .
Http Vs Https . Http Vs Https .
Http Vs Https .
 

Similar to Jeroen Wijdogen (Akamai) | TU - Hacks & Attacks

Akamai Korea - Tech Day (2015/03/11) DNS
Akamai Korea - Tech Day (2015/03/11) DNSAkamai Korea - Tech Day (2015/03/11) DNS
Akamai Korea - Tech Day (2015/03/11) DNS
SangJin Kang
 
PLNOG 13: James Kretchmar: How Akamai scales to serve the largest events on t...
PLNOG 13: James Kretchmar: How Akamai scales to serve the largest events on t...PLNOG 13: James Kretchmar: How Akamai scales to serve the largest events on t...
PLNOG 13: James Kretchmar: How Akamai scales to serve the largest events on t...
PROIDEA
 
Holiday Retail Readiness: Preparing For Peak
Holiday Retail Readiness: Preparing For PeakHoliday Retail Readiness: Preparing For Peak
Holiday Retail Readiness: Preparing For Peak
G3 Communications
 
Velocity EU 2014: Recycling the Web (why it's slowing your mobile app)
Velocity EU 2014: Recycling the Web (why it's slowing your mobile app)Velocity EU 2014: Recycling the Web (why it's slowing your mobile app)
Velocity EU 2014: Recycling the Web (why it's slowing your mobile app)
Colin Bendell
 
DESAYUNO DE TRABAJO AKAMAI
DESAYUNO DE TRABAJO AKAMAIDESAYUNO DE TRABAJO AKAMAI
DESAYUNO DE TRABAJO AKAMAI
Cristian Garcia G.
 
Closing the Loop on Web Application Vulnerabilities - John Dilley, Akamai
Closing the Loop on Web Application Vulnerabilities - John Dilley, AkamaiClosing the Loop on Web Application Vulnerabilities - John Dilley, Akamai
Closing the Loop on Web Application Vulnerabilities - John Dilley, Akamai
Akamai Technologies
 
Great Expectations - Dr. Tom Leighton, Akamai
Great Expectations - Dr. Tom Leighton, AkamaiGreat Expectations - Dr. Tom Leighton, Akamai
Great Expectations - Dr. Tom Leighton, Akamai
Akamai Technologies
 
DDOS –Global threats and mitigation
DDOS –Global threats and mitigationDDOS –Global threats and mitigation
DDOS –Global threats and mitigation
Cisco Russia
 
Cloudflare_Everywhere_Security_Solution_Brief (1).pdf
Cloudflare_Everywhere_Security_Solution_Brief (1).pdfCloudflare_Everywhere_Security_Solution_Brief (1).pdf
Cloudflare_Everywhere_Security_Solution_Brief (1).pdf
petchphumsanit40
 
Tom uk soti_final_without video.4.21.15
Tom uk soti_final_without video.4.21.15Tom uk soti_final_without video.4.21.15
Tom uk soti_final_without video.4.21.15
Liz Bradley
 
End to End Security With Palo Alto Networks (Onur Kasap, engineer Palo Alto N...
End to End Security With Palo Alto Networks (Onur Kasap, engineer Palo Alto N...End to End Security With Palo Alto Networks (Onur Kasap, engineer Palo Alto N...
End to End Security With Palo Alto Networks (Onur Kasap, engineer Palo Alto N...
BAKOTECH
 
Akamai in a hyperconnected world
Akamai in a hyperconnected worldAkamai in a hyperconnected world
Akamai in a hyperconnected world
magda3695
 
Akamai in a hyperconnected world
Akamai in a hyperconnected worldAkamai in a hyperconnected world
Akamai in a hyperconnected world
magda3695
 
apl5iy2ftxiwofbhsmxj-signature-584e2459f99b5370bda435f09b42cc84cc8c063b8cd454...
apl5iy2ftxiwofbhsmxj-signature-584e2459f99b5370bda435f09b42cc84cc8c063b8cd454...apl5iy2ftxiwofbhsmxj-signature-584e2459f99b5370bda435f09b42cc84cc8c063b8cd454...
apl5iy2ftxiwofbhsmxj-signature-584e2459f99b5370bda435f09b42cc84cc8c063b8cd454...
Chrysostomos Christofi
 
A Different Approach to Securing Your Cloud Journey
A Different Approach to Securing Your Cloud JourneyA Different Approach to Securing Your Cloud Journey
A Different Approach to Securing Your Cloud Journey
Cloudflare
 
Pxosys Webinar Amplify your Security
Pxosys Webinar Amplify your SecurityPxosys Webinar Amplify your Security
Pxosys Webinar Amplify your Security
🏆Ruben Cocheno💭
 
Desafíos de la Ciberseguridad en un ecosistema digitalmente transformado
Desafíos de la Ciberseguridad en un ecosistema digitalmente transformadoDesafíos de la Ciberseguridad en un ecosistema digitalmente transformado
Desafíos de la Ciberseguridad en un ecosistema digitalmente transformado
Cristian Garcia G.
 
Advanced threat security - Cyber Security For The Real World
Advanced threat security - Cyber Security For The Real WorldAdvanced threat security - Cyber Security For The Real World
Advanced threat security - Cyber Security For The Real World
Cisco Canada
 
Forcepoint SD-WAN and NGFW + IPS
Forcepoint SD-WAN and NGFW + IPSForcepoint SD-WAN and NGFW + IPS
Forcepoint SD-WAN and NGFW + IPS
Larry Austin
 
Securing Beyond the Cloud Generation
Securing Beyond the Cloud GenerationSecuring Beyond the Cloud Generation
Securing Beyond the Cloud Generation
Forcepoint LLC
 

Similar to Jeroen Wijdogen (Akamai) | TU - Hacks & Attacks (20)

Akamai Korea - Tech Day (2015/03/11) DNS
Akamai Korea - Tech Day (2015/03/11) DNSAkamai Korea - Tech Day (2015/03/11) DNS
Akamai Korea - Tech Day (2015/03/11) DNS
 
PLNOG 13: James Kretchmar: How Akamai scales to serve the largest events on t...
PLNOG 13: James Kretchmar: How Akamai scales to serve the largest events on t...PLNOG 13: James Kretchmar: How Akamai scales to serve the largest events on t...
PLNOG 13: James Kretchmar: How Akamai scales to serve the largest events on t...
 
Holiday Retail Readiness: Preparing For Peak
Holiday Retail Readiness: Preparing For PeakHoliday Retail Readiness: Preparing For Peak
Holiday Retail Readiness: Preparing For Peak
 
Velocity EU 2014: Recycling the Web (why it's slowing your mobile app)
Velocity EU 2014: Recycling the Web (why it's slowing your mobile app)Velocity EU 2014: Recycling the Web (why it's slowing your mobile app)
Velocity EU 2014: Recycling the Web (why it's slowing your mobile app)
 
DESAYUNO DE TRABAJO AKAMAI
DESAYUNO DE TRABAJO AKAMAIDESAYUNO DE TRABAJO AKAMAI
DESAYUNO DE TRABAJO AKAMAI
 
Closing the Loop on Web Application Vulnerabilities - John Dilley, Akamai
Closing the Loop on Web Application Vulnerabilities - John Dilley, AkamaiClosing the Loop on Web Application Vulnerabilities - John Dilley, Akamai
Closing the Loop on Web Application Vulnerabilities - John Dilley, Akamai
 
Great Expectations - Dr. Tom Leighton, Akamai
Great Expectations - Dr. Tom Leighton, AkamaiGreat Expectations - Dr. Tom Leighton, Akamai
Great Expectations - Dr. Tom Leighton, Akamai
 
DDOS –Global threats and mitigation
DDOS –Global threats and mitigationDDOS –Global threats and mitigation
DDOS –Global threats and mitigation
 
Cloudflare_Everywhere_Security_Solution_Brief (1).pdf
Cloudflare_Everywhere_Security_Solution_Brief (1).pdfCloudflare_Everywhere_Security_Solution_Brief (1).pdf
Cloudflare_Everywhere_Security_Solution_Brief (1).pdf
 
Tom uk soti_final_without video.4.21.15
Tom uk soti_final_without video.4.21.15Tom uk soti_final_without video.4.21.15
Tom uk soti_final_without video.4.21.15
 
End to End Security With Palo Alto Networks (Onur Kasap, engineer Palo Alto N...
End to End Security With Palo Alto Networks (Onur Kasap, engineer Palo Alto N...End to End Security With Palo Alto Networks (Onur Kasap, engineer Palo Alto N...
End to End Security With Palo Alto Networks (Onur Kasap, engineer Palo Alto N...
 
Akamai in a hyperconnected world
Akamai in a hyperconnected worldAkamai in a hyperconnected world
Akamai in a hyperconnected world
 
Akamai in a hyperconnected world
Akamai in a hyperconnected worldAkamai in a hyperconnected world
Akamai in a hyperconnected world
 
apl5iy2ftxiwofbhsmxj-signature-584e2459f99b5370bda435f09b42cc84cc8c063b8cd454...
apl5iy2ftxiwofbhsmxj-signature-584e2459f99b5370bda435f09b42cc84cc8c063b8cd454...apl5iy2ftxiwofbhsmxj-signature-584e2459f99b5370bda435f09b42cc84cc8c063b8cd454...
apl5iy2ftxiwofbhsmxj-signature-584e2459f99b5370bda435f09b42cc84cc8c063b8cd454...
 
A Different Approach to Securing Your Cloud Journey
A Different Approach to Securing Your Cloud JourneyA Different Approach to Securing Your Cloud Journey
A Different Approach to Securing Your Cloud Journey
 
Pxosys Webinar Amplify your Security
Pxosys Webinar Amplify your SecurityPxosys Webinar Amplify your Security
Pxosys Webinar Amplify your Security
 
Desafíos de la Ciberseguridad en un ecosistema digitalmente transformado
Desafíos de la Ciberseguridad en un ecosistema digitalmente transformadoDesafíos de la Ciberseguridad en un ecosistema digitalmente transformado
Desafíos de la Ciberseguridad en un ecosistema digitalmente transformado
 
Advanced threat security - Cyber Security For The Real World
Advanced threat security - Cyber Security For The Real WorldAdvanced threat security - Cyber Security For The Real World
Advanced threat security - Cyber Security For The Real World
 
Forcepoint SD-WAN and NGFW + IPS
Forcepoint SD-WAN and NGFW + IPSForcepoint SD-WAN and NGFW + IPS
Forcepoint SD-WAN and NGFW + IPS
 
Securing Beyond the Cloud Generation
Securing Beyond the Cloud GenerationSecuring Beyond the Cloud Generation
Securing Beyond the Cloud Generation
 

More from Media Perspectives

Presentatie Paul Rutten - Monitor Creatieve Industrie 2021
Presentatie Paul Rutten - Monitor Creatieve Industrie 2021Presentatie Paul Rutten - Monitor Creatieve Industrie 2021
Presentatie Paul Rutten - Monitor Creatieve Industrie 2021
Media Perspectives
 
Jeroen Broekema (Springcast) - Podcast hosting en analytics
Jeroen Broekema (Springcast) - Podcast hosting en analyticsJeroen Broekema (Springcast) - Podcast hosting en analytics
Jeroen Broekema (Springcast) - Podcast hosting en analytics
Media Perspectives
 
Liedewij Hentenaar (Audify) over de groei van audio
Liedewij Hentenaar (Audify) over de groei van audioLiedewij Hentenaar (Audify) over de groei van audio
Liedewij Hentenaar (Audify) over de groei van audio
Media Perspectives
 
Egon Verhagen (NPO) - Audio innovatie bij de publieke omroep
Egon Verhagen (NPO) - Audio innovatie bij de publieke omroepEgon Verhagen (NPO) - Audio innovatie bij de publieke omroep
Egon Verhagen (NPO) - Audio innovatie bij de publieke omroep
Media Perspectives
 
Willem Brom (EndemolShine) over non-scripted voor streamers
Willem Brom (EndemolShine) over non-scripted voor streamersWillem Brom (EndemolShine) over non-scripted voor streamers
Willem Brom (EndemolShine) over non-scripted voor streamers
Media Perspectives
 
Jordi van de Bovenkamp (MediaMonks) met vijf tips voor fit-for-format-content
Jordi van de Bovenkamp (MediaMonks) met vijf tips voor fit-for-format-contentJordi van de Bovenkamp (MediaMonks) met vijf tips voor fit-for-format-content
Jordi van de Bovenkamp (MediaMonks) met vijf tips voor fit-for-format-content
Media Perspectives
 
Laura Veenema (NewBe) over 'superserve the niche'
Laura Veenema (NewBe) over 'superserve the niche'Laura Veenema (NewBe) over 'superserve the niche'
Laura Veenema (NewBe) over 'superserve the niche'
Media Perspectives
 
Gerard de Kloet (NOS) over @NOS op Instagram
Gerard de Kloet (NOS) over @NOS op Instagram Gerard de Kloet (NOS) over @NOS op Instagram
Gerard de Kloet (NOS) over @NOS op Instagram
Media Perspectives
 
Paulo Lopes Escudeiro over nieuwe TikTok-gewoontes @ Cross Media Café - Nieuw...
Paulo Lopes Escudeiro over nieuwe TikTok-gewoontes @ Cross Media Café - Nieuw...Paulo Lopes Escudeiro over nieuwe TikTok-gewoontes @ Cross Media Café - Nieuw...
Paulo Lopes Escudeiro over nieuwe TikTok-gewoontes @ Cross Media Café - Nieuw...
Media Perspectives
 
Slides MediaTalk NOS-project '75 jaar bevrijding'
Slides MediaTalk NOS-project '75 jaar bevrijding'Slides MediaTalk NOS-project '75 jaar bevrijding'
Slides MediaTalk NOS-project '75 jaar bevrijding'
Media Perspectives
 
Paul Bojarski (Sceenic) over Watch Together @ CMC - Innovatie in coronatijden
Paul Bojarski (Sceenic) over Watch Together @ CMC - Innovatie in coronatijdenPaul Bojarski (Sceenic) over Watch Together @ CMC - Innovatie in coronatijden
Paul Bojarski (Sceenic) over Watch Together @ CMC - Innovatie in coronatijden
Media Perspectives
 
Tomas van den Spiegel (Flanders Classics) en Jorre Belpaire (Kiswe Mobile) ov...
Tomas van den Spiegel (Flanders Classics) en Jorre Belpaire (Kiswe Mobile) ov...Tomas van den Spiegel (Flanders Classics) en Jorre Belpaire (Kiswe Mobile) ov...
Tomas van den Spiegel (Flanders Classics) en Jorre Belpaire (Kiswe Mobile) ov...
Media Perspectives
 
Geraldine Macqueron (GAME OVER) over het initiatief Creators United @ CMC - I...
Geraldine Macqueron (GAME OVER) over het initiatief Creators United @ CMC - I...Geraldine Macqueron (GAME OVER) over het initiatief Creators United @ CMC - I...
Geraldine Macqueron (GAME OVER) over het initiatief Creators United @ CMC - I...
Media Perspectives
 
Arno Scharl (webLyzard technology) over online corona sentimenten weergeeft @...
Arno Scharl (webLyzard technology) over online corona sentimenten weergeeft @...Arno Scharl (webLyzard technology) over online corona sentimenten weergeeft @...
Arno Scharl (webLyzard technology) over online corona sentimenten weergeeft @...
Media Perspectives
 
William Linders (ODMedia) over de opkomst van SVOD en AVOD
William Linders (ODMedia) over de opkomst van SVOD en AVODWilliam Linders (ODMedia) over de opkomst van SVOD en AVOD
William Linders (ODMedia) over de opkomst van SVOD en AVOD
Media Perspectives
 
Suzan Hoogland (GfK) over hoe de Nederlander 'Video' consumeert
Suzan Hoogland (GfK) over hoe de Nederlander 'Video' consumeertSuzan Hoogland (GfK) over hoe de Nederlander 'Video' consumeert
Suzan Hoogland (GfK) over hoe de Nederlander 'Video' consumeert
Media Perspectives
 
Maarten Lens-FitzGerald (voice ondernemers) @ CMC Nieuwe Interfaces
Maarten Lens-FitzGerald (voice ondernemers) @ CMC Nieuwe Interfaces Maarten Lens-FitzGerald (voice ondernemers) @ CMC Nieuwe Interfaces
Maarten Lens-FitzGerald (voice ondernemers) @ CMC Nieuwe Interfaces
Media Perspectives
 
Jeroen de Bakker (Talpa Network) @ CMC Nieuwe Interfaces
Jeroen de Bakker (Talpa Network) @ CMC Nieuwe InterfacesJeroen de Bakker (Talpa Network) @ CMC Nieuwe Interfaces
Jeroen de Bakker (Talpa Network) @ CMC Nieuwe Interfaces
Media Perspectives
 
Vera Holland (KRO-NCRV) @ CMC Nieuwe Interfaces
Vera Holland (KRO-NCRV) @ CMC Nieuwe InterfacesVera Holland (KRO-NCRV) @ CMC Nieuwe Interfaces
Vera Holland (KRO-NCRV) @ CMC Nieuwe Interfaces
Media Perspectives
 
Joey Scheufler (Prappers Media) @ CMC Nieuwe Interfaces
Joey Scheufler (Prappers Media) @ CMC Nieuwe InterfacesJoey Scheufler (Prappers Media) @ CMC Nieuwe Interfaces
Joey Scheufler (Prappers Media) @ CMC Nieuwe Interfaces
Media Perspectives
 

More from Media Perspectives (20)

Presentatie Paul Rutten - Monitor Creatieve Industrie 2021
Presentatie Paul Rutten - Monitor Creatieve Industrie 2021Presentatie Paul Rutten - Monitor Creatieve Industrie 2021
Presentatie Paul Rutten - Monitor Creatieve Industrie 2021
 
Jeroen Broekema (Springcast) - Podcast hosting en analytics
Jeroen Broekema (Springcast) - Podcast hosting en analyticsJeroen Broekema (Springcast) - Podcast hosting en analytics
Jeroen Broekema (Springcast) - Podcast hosting en analytics
 
Liedewij Hentenaar (Audify) over de groei van audio
Liedewij Hentenaar (Audify) over de groei van audioLiedewij Hentenaar (Audify) over de groei van audio
Liedewij Hentenaar (Audify) over de groei van audio
 
Egon Verhagen (NPO) - Audio innovatie bij de publieke omroep
Egon Verhagen (NPO) - Audio innovatie bij de publieke omroepEgon Verhagen (NPO) - Audio innovatie bij de publieke omroep
Egon Verhagen (NPO) - Audio innovatie bij de publieke omroep
 
Willem Brom (EndemolShine) over non-scripted voor streamers
Willem Brom (EndemolShine) over non-scripted voor streamersWillem Brom (EndemolShine) over non-scripted voor streamers
Willem Brom (EndemolShine) over non-scripted voor streamers
 
Jordi van de Bovenkamp (MediaMonks) met vijf tips voor fit-for-format-content
Jordi van de Bovenkamp (MediaMonks) met vijf tips voor fit-for-format-contentJordi van de Bovenkamp (MediaMonks) met vijf tips voor fit-for-format-content
Jordi van de Bovenkamp (MediaMonks) met vijf tips voor fit-for-format-content
 
Laura Veenema (NewBe) over 'superserve the niche'
Laura Veenema (NewBe) over 'superserve the niche'Laura Veenema (NewBe) over 'superserve the niche'
Laura Veenema (NewBe) over 'superserve the niche'
 
Gerard de Kloet (NOS) over @NOS op Instagram
Gerard de Kloet (NOS) over @NOS op Instagram Gerard de Kloet (NOS) over @NOS op Instagram
Gerard de Kloet (NOS) over @NOS op Instagram
 
Paulo Lopes Escudeiro over nieuwe TikTok-gewoontes @ Cross Media Café - Nieuw...
Paulo Lopes Escudeiro over nieuwe TikTok-gewoontes @ Cross Media Café - Nieuw...Paulo Lopes Escudeiro over nieuwe TikTok-gewoontes @ Cross Media Café - Nieuw...
Paulo Lopes Escudeiro over nieuwe TikTok-gewoontes @ Cross Media Café - Nieuw...
 
Slides MediaTalk NOS-project '75 jaar bevrijding'
Slides MediaTalk NOS-project '75 jaar bevrijding'Slides MediaTalk NOS-project '75 jaar bevrijding'
Slides MediaTalk NOS-project '75 jaar bevrijding'
 
Paul Bojarski (Sceenic) over Watch Together @ CMC - Innovatie in coronatijden
Paul Bojarski (Sceenic) over Watch Together @ CMC - Innovatie in coronatijdenPaul Bojarski (Sceenic) over Watch Together @ CMC - Innovatie in coronatijden
Paul Bojarski (Sceenic) over Watch Together @ CMC - Innovatie in coronatijden
 
Tomas van den Spiegel (Flanders Classics) en Jorre Belpaire (Kiswe Mobile) ov...
Tomas van den Spiegel (Flanders Classics) en Jorre Belpaire (Kiswe Mobile) ov...Tomas van den Spiegel (Flanders Classics) en Jorre Belpaire (Kiswe Mobile) ov...
Tomas van den Spiegel (Flanders Classics) en Jorre Belpaire (Kiswe Mobile) ov...
 
Geraldine Macqueron (GAME OVER) over het initiatief Creators United @ CMC - I...
Geraldine Macqueron (GAME OVER) over het initiatief Creators United @ CMC - I...Geraldine Macqueron (GAME OVER) over het initiatief Creators United @ CMC - I...
Geraldine Macqueron (GAME OVER) over het initiatief Creators United @ CMC - I...
 
Arno Scharl (webLyzard technology) over online corona sentimenten weergeeft @...
Arno Scharl (webLyzard technology) over online corona sentimenten weergeeft @...Arno Scharl (webLyzard technology) over online corona sentimenten weergeeft @...
Arno Scharl (webLyzard technology) over online corona sentimenten weergeeft @...
 
William Linders (ODMedia) over de opkomst van SVOD en AVOD
William Linders (ODMedia) over de opkomst van SVOD en AVODWilliam Linders (ODMedia) over de opkomst van SVOD en AVOD
William Linders (ODMedia) over de opkomst van SVOD en AVOD
 
Suzan Hoogland (GfK) over hoe de Nederlander 'Video' consumeert
Suzan Hoogland (GfK) over hoe de Nederlander 'Video' consumeertSuzan Hoogland (GfK) over hoe de Nederlander 'Video' consumeert
Suzan Hoogland (GfK) over hoe de Nederlander 'Video' consumeert
 
Maarten Lens-FitzGerald (voice ondernemers) @ CMC Nieuwe Interfaces
Maarten Lens-FitzGerald (voice ondernemers) @ CMC Nieuwe Interfaces Maarten Lens-FitzGerald (voice ondernemers) @ CMC Nieuwe Interfaces
Maarten Lens-FitzGerald (voice ondernemers) @ CMC Nieuwe Interfaces
 
Jeroen de Bakker (Talpa Network) @ CMC Nieuwe Interfaces
Jeroen de Bakker (Talpa Network) @ CMC Nieuwe InterfacesJeroen de Bakker (Talpa Network) @ CMC Nieuwe Interfaces
Jeroen de Bakker (Talpa Network) @ CMC Nieuwe Interfaces
 
Vera Holland (KRO-NCRV) @ CMC Nieuwe Interfaces
Vera Holland (KRO-NCRV) @ CMC Nieuwe InterfacesVera Holland (KRO-NCRV) @ CMC Nieuwe Interfaces
Vera Holland (KRO-NCRV) @ CMC Nieuwe Interfaces
 
Joey Scheufler (Prappers Media) @ CMC Nieuwe Interfaces
Joey Scheufler (Prappers Media) @ CMC Nieuwe InterfacesJoey Scheufler (Prappers Media) @ CMC Nieuwe Interfaces
Joey Scheufler (Prappers Media) @ CMC Nieuwe Interfaces
 

Recently uploaded

办理毕业证(UPenn毕业证)宾夕法尼亚大学毕业证成绩单快速办理
办理毕业证(UPenn毕业证)宾夕法尼亚大学毕业证成绩单快速办理办理毕业证(UPenn毕业证)宾夕法尼亚大学毕业证成绩单快速办理
办理毕业证(UPenn毕业证)宾夕法尼亚大学毕业证成绩单快速办理
uehowe
 
成绩单ps(UST毕业证)圣托马斯大学毕业证成绩单快速办理
成绩单ps(UST毕业证)圣托马斯大学毕业证成绩单快速办理成绩单ps(UST毕业证)圣托马斯大学毕业证成绩单快速办理
成绩单ps(UST毕业证)圣托马斯大学毕业证成绩单快速办理
ysasp1
 
一比一原版(USYD毕业证)悉尼大学毕业证如何办理
一比一原版(USYD毕业证)悉尼大学毕业证如何办理一比一原版(USYD毕业证)悉尼大学毕业证如何办理
一比一原版(USYD毕业证)悉尼大学毕业证如何办理
k4ncd0z
 
怎么办理(umiami毕业证书)美国迈阿密大学毕业证文凭证书实拍图原版一模一样
怎么办理(umiami毕业证书)美国迈阿密大学毕业证文凭证书实拍图原版一模一样怎么办理(umiami毕业证书)美国迈阿密大学毕业证文凭证书实拍图原版一模一样
怎么办理(umiami毕业证书)美国迈阿密大学毕业证文凭证书实拍图原版一模一样
rtunex8r
 
快速办理(新加坡SMU毕业证书)新加坡管理大学毕业证文凭证书一模一样
快速办理(新加坡SMU毕业证书)新加坡管理大学毕业证文凭证书一模一样快速办理(新加坡SMU毕业证书)新加坡管理大学毕业证文凭证书一模一样
快速办理(新加坡SMU毕业证书)新加坡管理大学毕业证文凭证书一模一样
3a0sd7z3
 
办理新西兰奥克兰大学毕业证学位证书范本原版一模一样
办理新西兰奥克兰大学毕业证学位证书范本原版一模一样办理新西兰奥克兰大学毕业证学位证书范本原版一模一样
办理新西兰奥克兰大学毕业证学位证书范本原版一模一样
xjq03c34
 
留学挂科(UofM毕业证)明尼苏达大学毕业证成绩单复刻办理
留学挂科(UofM毕业证)明尼苏达大学毕业证成绩单复刻办理留学挂科(UofM毕业证)明尼苏达大学毕业证成绩单复刻办理
留学挂科(UofM毕业证)明尼苏达大学毕业证成绩单复刻办理
uehowe
 
HijackLoader Evolution: Interactive Process Hollowing
HijackLoader Evolution: Interactive Process HollowingHijackLoader Evolution: Interactive Process Hollowing
HijackLoader Evolution: Interactive Process Hollowing
Donato Onofri
 
manuaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaal
manuaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaalmanuaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaal
manuaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaal
wolfsoftcompanyco
 
Should Repositories Participate in the Fediverse?
Should Repositories Participate in the Fediverse?Should Repositories Participate in the Fediverse?
Should Repositories Participate in the Fediverse?
Paul Walk
 
Discover the benefits of outsourcing SEO to India
Discover the benefits of outsourcing SEO to IndiaDiscover the benefits of outsourcing SEO to India
Discover the benefits of outsourcing SEO to India
davidjhones387
 
快速办理(Vic毕业证书)惠灵顿维多利亚大学毕业证完成信一模一样
快速办理(Vic毕业证书)惠灵顿维多利亚大学毕业证完成信一模一样快速办理(Vic毕业证书)惠灵顿维多利亚大学毕业证完成信一模一样
快速办理(Vic毕业证书)惠灵顿维多利亚大学毕业证完成信一模一样
3a0sd7z3
 
Ready to Unlock the Power of Blockchain!
Ready to Unlock the Power of Blockchain!Ready to Unlock the Power of Blockchain!
Ready to Unlock the Power of Blockchain!
Toptal Tech
 
存档可查的(USC毕业证)南加利福尼亚大学毕业证成绩单制做办理
存档可查的(USC毕业证)南加利福尼亚大学毕业证成绩单制做办理存档可查的(USC毕业证)南加利福尼亚大学毕业证成绩单制做办理
存档可查的(USC毕业证)南加利福尼亚大学毕业证成绩单制做办理
fovkoyb
 
Bengaluru Dreamin' 24 - Personal Branding
Bengaluru Dreamin' 24 - Personal BrandingBengaluru Dreamin' 24 - Personal Branding
Bengaluru Dreamin' 24 - Personal Branding
Tarandeep Singh
 
办理毕业证(NYU毕业证)纽约大学毕业证成绩单官方原版办理
办理毕业证(NYU毕业证)纽约大学毕业证成绩单官方原版办理办理毕业证(NYU毕业证)纽约大学毕业证成绩单官方原版办理
办理毕业证(NYU毕业证)纽约大学毕业证成绩单官方原版办理
uehowe
 

Recently uploaded (16)

办理毕业证(UPenn毕业证)宾夕法尼亚大学毕业证成绩单快速办理
办理毕业证(UPenn毕业证)宾夕法尼亚大学毕业证成绩单快速办理办理毕业证(UPenn毕业证)宾夕法尼亚大学毕业证成绩单快速办理
办理毕业证(UPenn毕业证)宾夕法尼亚大学毕业证成绩单快速办理
 
成绩单ps(UST毕业证)圣托马斯大学毕业证成绩单快速办理
成绩单ps(UST毕业证)圣托马斯大学毕业证成绩单快速办理成绩单ps(UST毕业证)圣托马斯大学毕业证成绩单快速办理
成绩单ps(UST毕业证)圣托马斯大学毕业证成绩单快速办理
 
一比一原版(USYD毕业证)悉尼大学毕业证如何办理
一比一原版(USYD毕业证)悉尼大学毕业证如何办理一比一原版(USYD毕业证)悉尼大学毕业证如何办理
一比一原版(USYD毕业证)悉尼大学毕业证如何办理
 
怎么办理(umiami毕业证书)美国迈阿密大学毕业证文凭证书实拍图原版一模一样
怎么办理(umiami毕业证书)美国迈阿密大学毕业证文凭证书实拍图原版一模一样怎么办理(umiami毕业证书)美国迈阿密大学毕业证文凭证书实拍图原版一模一样
怎么办理(umiami毕业证书)美国迈阿密大学毕业证文凭证书实拍图原版一模一样
 
快速办理(新加坡SMU毕业证书)新加坡管理大学毕业证文凭证书一模一样
快速办理(新加坡SMU毕业证书)新加坡管理大学毕业证文凭证书一模一样快速办理(新加坡SMU毕业证书)新加坡管理大学毕业证文凭证书一模一样
快速办理(新加坡SMU毕业证书)新加坡管理大学毕业证文凭证书一模一样
 
办理新西兰奥克兰大学毕业证学位证书范本原版一模一样
办理新西兰奥克兰大学毕业证学位证书范本原版一模一样办理新西兰奥克兰大学毕业证学位证书范本原版一模一样
办理新西兰奥克兰大学毕业证学位证书范本原版一模一样
 
留学挂科(UofM毕业证)明尼苏达大学毕业证成绩单复刻办理
留学挂科(UofM毕业证)明尼苏达大学毕业证成绩单复刻办理留学挂科(UofM毕业证)明尼苏达大学毕业证成绩单复刻办理
留学挂科(UofM毕业证)明尼苏达大学毕业证成绩单复刻办理
 
HijackLoader Evolution: Interactive Process Hollowing
HijackLoader Evolution: Interactive Process HollowingHijackLoader Evolution: Interactive Process Hollowing
HijackLoader Evolution: Interactive Process Hollowing
 
manuaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaal
manuaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaalmanuaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaal
manuaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaal
 
Should Repositories Participate in the Fediverse?
Should Repositories Participate in the Fediverse?Should Repositories Participate in the Fediverse?
Should Repositories Participate in the Fediverse?
 
Discover the benefits of outsourcing SEO to India
Discover the benefits of outsourcing SEO to IndiaDiscover the benefits of outsourcing SEO to India
Discover the benefits of outsourcing SEO to India
 
快速办理(Vic毕业证书)惠灵顿维多利亚大学毕业证完成信一模一样
快速办理(Vic毕业证书)惠灵顿维多利亚大学毕业证完成信一模一样快速办理(Vic毕业证书)惠灵顿维多利亚大学毕业证完成信一模一样
快速办理(Vic毕业证书)惠灵顿维多利亚大学毕业证完成信一模一样
 
Ready to Unlock the Power of Blockchain!
Ready to Unlock the Power of Blockchain!Ready to Unlock the Power of Blockchain!
Ready to Unlock the Power of Blockchain!
 
存档可查的(USC毕业证)南加利福尼亚大学毕业证成绩单制做办理
存档可查的(USC毕业证)南加利福尼亚大学毕业证成绩单制做办理存档可查的(USC毕业证)南加利福尼亚大学毕业证成绩单制做办理
存档可查的(USC毕业证)南加利福尼亚大学毕业证成绩单制做办理
 
Bengaluru Dreamin' 24 - Personal Branding
Bengaluru Dreamin' 24 - Personal BrandingBengaluru Dreamin' 24 - Personal Branding
Bengaluru Dreamin' 24 - Personal Branding
 
办理毕业证(NYU毕业证)纽约大学毕业证成绩单官方原版办理
办理毕业证(NYU毕业证)纽约大学毕业证成绩单官方原版办理办理毕业证(NYU毕业证)纽约大学毕业证成绩单官方原版办理
办理毕业证(NYU毕业证)纽约大学毕业证成绩单官方原版办理
 

Jeroen Wijdogen (Akamai) | TU - Hacks & Attacks

  • 1. Akamai Web Security – DDOS: is there a threat? Jeroen Wijdogen, Enterprise Security Architect
  • 2. ©2014 AKAMAI | FASTER FORWARDTM What is a Cyber Attack?
  • 3. ©2014 AKAMAI | FASTER FORWARDTM Avoid data theft and downtime by extending the security perimeter outside the data-center and protect from increasing frequency, scale and sophistication of web attacks. Types of Attacks Application (Layer 6-7) • Zero Day, SlowLoris, Buffer Overflows, SQL Injections, Cookie Poisoning • Number of Requests Rps Protocol (Layer 4-5) • Syn Floods, Fragmented Packet, SMURF and Ping of Death • Size of Packets (Xbps) Volumetric (Layer 3) • ICMP echo, IP Spoofing, UDP Reflection attacks • Numbers of packets (Xpps) Application Presentation Session Transport Network Data Link Physical 6-7 4-5 3 OSI Model
  • 4. ©2014 AKAMAI | FASTER FORWARDTM Avoid data theft and downtime by extending the security perimeter outside the data-center and protect from increasing frequency, scale and sophistication of web attacks. Layer 3 DDoS / Volumetric Attack LB R RBandwidth HTTP OS / WIN DNS DDOS Too much traffic ICMP echo, IP Spoofing, UDP Reflection attacks Attacks measured in Xbps 404 /408 Error
  • 5. ©2014 AKAMAI | FASTER FORWARDTM Avoid data theft and downtime by extending the security perimeter outside the data-center and protect from increasing frequency, scale and sophistication of web attacks. Layer 4 DDoS / Protocol Attack RBandwidth HTTP OS / WIN DNS DDOS Overload Protocol Requests Syn Floods, Fragmented Packet, SMURF and Ping of Death LB Router Firewall 404 Error
  • 6. ©2014 AKAMAI | FASTER FORWARDTM Avoid data theft and downtime by extending the security perimeter outside the data-center and protect from increasing frequency, scale and sophistication of web attacks. Layer 7 DDoS / Application Attacks Bandwidth DDOS Low & slow exploiting Application and OS vulnerabilities Zero Day, SlowLoris, Buffer Overflows, SQL Injections, Cookie Poisoning Router Firewall No Access IDS HTTP OS / WIN DNS SMTP VOIP
  • 7. ©2014 AKAMAI | FASTER FORWARDTM Avoid data theft and downtime by extending the security perimeter outside the data-center and protect from increasing frequency, scale and sophistication of web attacks. Hacker send out a UDP packet spoofed source 10.12.13.4 NTP mon list request 1 NTP Amplification (Volume metric attack) how it works Abusable NTP Servers Target 10.12.13.4
  • 8. ©2014 AKAMAI | FASTER FORWARDTM Avoid data theft and downtime by extending the security perimeter outside the data-center and protect from increasing frequency, scale and sophistication of web attacks. NTP Amplification (Volume metric attack) how it works Abusable NTP Servers Target 10.12.13.4 2 NTP monlist reply upto 500 packets from original servers to the target
  • 9. ©2014 AKAMAI | FASTER FORWARDTM DDoS: What is a Botnet see the different layers
  • 10. ©2014 AKAMAI | FASTER FORWARDTM To exhaust load balancer and application server resources To bypass load balancers & CDN caches To bypass IDS/IPS and overload load balancers To bypass threshold- based mitigation To seem like regular visitors Legitimate Requests Low and slow Encrypted traffic Random request parameters High rate of repetitive requests Why DDoS Attacks Are Hard to Stop DDoS = Resource Exhaustion
  • 11. ©2014 AKAMAI | FASTER FORWARDTM Grow revenue opportunities with fast, personalized web experiences and manage complexity from peak demand, mobile devices and data collection. See the black sheep? Question: What Type of attacks do we visualize here?
  • 12. ©2014 AKAMAI | FASTER FORWARDTM Attack report Data
  • 13. ©2014 AKAMAI | FASTER FORWARDTM Attack spotlight Q3 2014 – GAMING TLP = GREEN
  • 14. ©2014 AKAMAI | FASTER FORWARDTM2.81% 6.39% 1.28% 9.58% 9.71% 1.40% 0.26% 14.56% 0.38% 0.13% 13.15% 17.11% 0.26% 19.91% 0.64% 1.53% 0.77% 0.13% 3.81% 3.92% 0.42% 0.21% 7.42% 8.05% 0.64% 0.11% 0.21% 7.31% 23.09% 0.42% 15.25% 13.88% 4.56% 8.90% 0.53% 0.64% 0.42% 0.21% 2.76% 5.19% 0.27% 0.13% 10.51% 4.18% 0.94% 0.27% 0.40% 0.67% 14.62% 16.91% 0.07% 0.07% 10.58% 13.95% 8.15% 8.42% 0.20% 1.15% 0.54% 0% 5% 10% 15% 20% 25% ACK CHARGEN FIN Floods FIN PUSH DNS ICMP RESET RIP RAINBOW RP SNMP SSDP SYN SYN PUSH TCP Fragment UDP Floods UDP Fragment IGMP Fragment NTP HTTP GET HEAD HTTP POST PUSH SSL GET SSL POST Q4 2014 Q3 2014 Q4 2013
  • 15. ©2014 AKAMAI | FASTER FORWARDTM Average attack bandwidth (Gigabits per second) 4.21 13.93 6.41 0 2 4 6 8 10 12 14 16 Q4 2013 Q3 2014 Q4 2014 Gbps
  • 16. ©2014 AKAMAI | FASTER FORWARDTM Average attack volume (Million packets per second) Mpps 10.09 13.29 2.31 0 2 4 6 8 10 12 14 16 Q4 2013 Q3 2014 Q4 2014
  • 17. ©2014 AKAMAI | FASTER FORWARDTM NTP servers op het Internet Zie hier publiek benaderbare NTP servers. En hier de vulnerable NTP servers, Die vulnerable zijn voor het monlist commando +/- 100K !! https://ntpmonitorscan.shadowserver.org/stats/http://openntpproject.org/ntp-stats1.cgi
  • 18. ©2014 AKAMAI | FASTER FORWARDTM Multi-vector attacks 46.24 53.26 44.14 0 10 20 30 40 50 60 Q4 2013 Q3 2014 Q4 2014
  • 19. ©2014 AKAMAI | FASTER FORWARDTM Attacks over 100 Gbps Media 0 20 40 60 80 100 120 140 160 180 SaaS EnablementGambling/Gaming
  • 20. ©2014 AKAMAI | FASTER FORWARDTM Avoid data theft and downtime by extending the security perimeter outside the data-center and protect from increasing frequency, scale and sophistication of web attacks. Know the Enemy – Motivation can come from anywhere?
  • 21. ©2014 AKAMAI | FASTER FORWARDTM Avoid data theft and downtime by extending the security perimeter outside the data-center and protect from increasing frequency, scale and sophistication of web attacks. DDoS: How bad is it today recent example?
  • 22. ©2014 AKAMAI | FASTER FORWARDTM Avoid data theft and downtime by extending the security perimeter outside the data-center and protect from increasing frequency, scale and sophistication of web attacks. DDoS: Is there a threat? Launched Christmas 2014 and untill january (hacked) 13,000 users signed up for the LizardStresser service: •  about 250 actually did anything with it: •  More than half the users launched less than 20 short attacks; •  (could purchase from 100 seconds several days) •  Pricing from $6 upto $500 •  with only 30 users launching more than 100 •  16000 attacks launched in total! * Information from: http://arstechnica.com/security/2015/01/a-hacked-ddos-on-demand-site-offers-a-look-into-mind-of-booter-users/
  • 23. ©2014 AKAMAI | FASTER FORWARDTM Avoid data theft and downtime by extending the security perimeter outside the data-center and protect from increasing frequency, scale and sophistication of web attacks. DDoS: Tools/ What is happening now? 53% 109% 83% 39% 100% 164% 51% 61% 144% 48% 69% 53% 335% 1100% 0%   200%   400%   600%   800%   1000%   1200%   1-­‐Oct   8-­‐Oct   15-­‐Oct   22-­‐Oct   29-­‐Oct   5-­‐Nov   12-­‐Nov   19-­‐Nov   26-­‐Nov   3-­‐Dec   10-­‐Dec   17-­‐Dec   24-­‐Dec   31-­‐Dec   Akamai Changes in DDoS attacks per week Q4 2014 vs. Q4 2013
  • 24. ©2014 AKAMAI | FASTER FORWARDTM Lizardsquad is it over?
  • 25. ©2014 AKAMAI | FASTER FORWARDTM Avoid data theft and downtime by extending the security perimeter outside the data-center and protect from increasing frequency, scale and sophistication of web attacks. DDoS: Security is like Dental Floss? •  Small Displine •  Have Commitment to make it work Het gaat er niet om wat de kans is of je wordt aangevallen maar wat is de impact als het gebeurd!
  • 26. ©2014 AKAMAI | FASTER FORWARDTM Questionnaire “ How vulnerable are you?” Hoe kwetsbaar ben je, wie zou een aanval op de media kunnen lanceren?
  • 27. ©2014 AKAMAI | FASTER FORWARDTM Avoid data theft and downtime by extending the security perimeter outside the data-center and protect from increasing frequency, scale and sophistication of web attacks. High performance Protect websites from DDoS and Web attacks while improving performance Akamai Edge Network Massive scale More than 157,000 servers deployed in over 1200 networks and 92 countries Distributed resources Users and attackers connect to websites through the closest edge server Built-in resiliency Built on the assumption that individual components will fail
  • 28. ©2014 AKAMAI | FASTER FORWARDTM Avoid data theft and downtime by extending the security perimeter outside the data-center and protect from increasing frequency, scale and sophistication of web attacks. Data Center Protection Services (plx – Prolexic) Web Site Protection Services (KSD - Kona) Akamai Web Security Solutions Portofolio ©2013 AKAMAI | FASTER FORWARDTM Number of applications LevelofProtection(complexicty)
  • 29. ©2014 AKAMAI | FASTER FORWARDTM Avoid data theft and downtime by extending the security perimeter outside the data-center and protect from increasing frequency, scale and sophistication of web attacks. Protecting Multiple Perimeters in the Cloud
  • 30. ©2014 AKAMAI | FASTER FORWARDTM Avoid data theft and downtime by extending the security perimeter outside the data-center and protect from increasing frequency, scale and sophistication of web attacks. 7 Layers of Web Application Firewall Defense 1.  Scale 150,000 servers inline and always on 2.  Reverse Proxy Automatically drops traffic not on port 80 or port 443 3.  Geo-based blocking Refuse requests from customer-selected list of countries 4.  Validate against known list of attackers Positive or negative security model (black or white lists) 5.  Rate Controls Block requests that are too fast or too slow (anomaly scoring) 6.  Kona Rule Set WAF rules continuously refined based on visibility into web 7.  Caching Dynamic and static caching to serve requests
  • 31. ©2014 AKAMAI | FASTER FORWARDTM Avoid data theft and downtime by extending the security perimeter outside the data-center and protect from increasing frequency, scale and sophistication of web attacks. Global DDoS Mitigation Network ©2014 AKAMAI
  • 32. ©2014 AKAMAI | FASTER FORWARDTM DDoS: Trends / problems in a CyberAttack Scale! Losse tools probleem Human Intelligence needed
  • 33. ©2014 AKAMAI | FASTER FORWARDTM DDoS: Trends in DDOS Complexiteit neemt toe! 2.81% 6.39% 1.28% 9.58% 9.71% 1.40% 0.26% 14.56% 0.38% 0.13% 13.15% 17.11% 0.26% 19.91% 0.64% 1.53% 0.77% 0.13% 3.81% 3.92% 0.42% 0.21% 7.42% 8.05% 0.64% 0.11% 0.21% 7.31% 23.09% 0.42% 15.25% 13.88% 4.56% 8.90% 0.53% 0.64% 0.42% 0.21% 2.76% 5.19% 0.27% 0.13% 10.51% 4.18% 0.94% 0.27% 0.40% 0.67% 14.62% 16.91% 0.07% 0.07% 10.58% 13.95% 8.15% 8.42% 0.20% 1.15% 0.54% 0% 5% 10% 15% 20% 25% ACK CHARGEN FIN Floods FIN PUSH DNS ICMP RESET RIP RAINBOW RP SNMP SSDP SYN SYN PUSH TCP Fragment UDP Floods UDP Fragment IGMP Fragment NTP HTTP GET HEAD HTTP POST PUSH SSL GET SSL POST Q4 2014 Q3 2014 Q4 2013