The document discusses advanced DDoS protection solutions for service providers and managed security service providers (MSSPs). It outlines key factors for MSSP success, including true DDoS protection capabilities, scalability, flexible deployment options, customer-centric reporting, and marketing differentiation. Radware's solution is presented as providing industry-leading coverage against various attack types, short time to protection, out-of-the-box protections, and support from Radware's emergency response team. A case study highlights how Radware helped a major hosting provider implement in-cloud DDoS protection and offer the service to customers.
DDoS Threat Landscape - Ron Winward CHINOG16 | Radware
- DDoS attacks continue to grow in complexity and now utilize multi-vector attacks across all layers of the infrastructure. The top failure points for networks are internet pipe saturation and stateful firewalls.
- Common attack types include UDP, ICMP, reflection attacks, TCP weaknesses like SYN floods, low and slow attacks like Slowloris, and encrypted attacks such as HTTPS floods. Anonymous hacking tools enable these attacks.
- Successful mitigation of DDoS attacks requires proactive preparation across the network, including a hybrid solution of on-premise and cloud-based detection and mitigation, emergency response planning, and a single point of contact during attacks.
The enterprise perimeter is disappearing. Migration to the cloud means a more distributed network infrastructure. Transition of web-based applications to the cloud renders on-premise mitigation tools ineffective against web attacks and requires organizations to protect applications both on-premise and in the cloud.
Introducing Radware's Hybrid Cloud WAF Service - a fully-managed, always-on service that integrates cloud-based with on-premise protection against a broad range of attack vectors.
Visit http://www.radware.com/social/hybridcloudwaf/ to read "The Dawn of Hybrid Cloud WAF" and to learn how the industry's first hybrid cloud-based WAF service addresses today's most challenging web-based cyber-attacks.
Attacks evenly split across network and application layers
Web-based attacks remain the single most common attack vector
1 in every 4 are HTTPS
Increased reflective attacks cause UDP attacks to increase
From 7% in 2013 to 16% in 2014
Reflective attacks represent 2014’s single largest DDoS “headache”
Availability
How do you ensure business applications are delivered under attacks?
Performance
How do you ensure consistent user experience when your network is under attack?
Security
What is the cost of data loss or abuse of your resources?
Scalability
How do you ensure future growth while minimizing initial spending?
Cost reduction
How to address all the above while reducing costs?
Radware Hybrid Cloud Web Application Firewall and DDoS Protection | Andy Ellis
The document describes Radware's hybrid cloud WAF service, which provides fully-managed web application and DDoS protection for enterprises with applications in both cloud and on-premise environments. The service uses Radware's security technologies to integrate cloud and on-premise defenses, providing comprehensive detection and mitigation of web attacks, SQL injections, cross-site scripting, and DDoS attacks across hybrid infrastructures. It offers three service tiers with varying levels of protection and management features to suit different customer needs.
The Art of Cyber War [From Black Hat Brazil 2014] | Radware
With cyber-attacks becoming a growing concern for organizations, availability-based attacks, also known as Denial of Service or Distributed Denial of Service attacks, have long moved from a form of cyber protest to a destructive weapon that is used by cyber criminals, hacktivists and even governments.
In 2013 we saw a growing use of a new type of attack where attackers used legitimate transactions to saturate application servers’ resources. In this presentation, Security Expert Werner Thalmeier demonstrates how such an advanced attack can be created from a laptop running in an anonymous public WiFi network. He also evaluates the attack landscape and its impact on organizations as well as shares the best practices to protect against such cyber-attacks.
Understand the current availability-based threat landscape and learn about new types of cyber-attacks that are being used to saturate resources. For more information on the state of Application and Network Security, please visit: http://www.radware.com/ert-report-2013/
Presentation from one of the remarkable IT Security events in the Baltic States, organized by “Data Security Solutions” (www.dss.lv). The event took place in Riga on 7th of November, 2013, and was visited by more than 400 participants on site and more than 300 via online live streaming.
Threat detection and mitigation with Check Point | Nextel S.A.
Presentation by Ignacio Berrozpe, of Check Point, at Nextel S.A.'s XV IT Security Conference (Jornada de Seguridad TI) at the Alhóndiga in Bilbao on Thursday, 27 June 2013.
The document summarizes Symantec Endpoint Suite, which includes several security products that provide layered protection for endpoints, email, and mobile devices. It discusses Symantec Endpoint Protection for antivirus and antimalware on endpoints, Symantec Endpoint Encryption for data encryption, Symantec Mobile Threat Protection and Management for mobile security, and Symantec Messaging Gateway for email security. The suite aims to simplify security management and reduce costs through an integrated platform that protects against threats, data loss, and reduces complexity.
McAfee Advanced Threat Defense is a comprehensive solution that uses dynamic analysis, static code analysis, and machine learning to detect advanced malware. It analyzes malware behavior in real-time using emulation and deploys centrally to provide high detection accuracy and lower costs compared to other solutions. The solution integrates with other McAfee products to form a coordinated defense that rapidly shares threat intelligence across the enterprise to immediately block threats.
Preparing for the Imminent Terabit DDoS Attack | Imperva
The document discusses the growing threat of DDoS attacks and the need for resilient network protection. It notes that average attack sizes have grown to 10Gbps in 2013 and many recent attacks have exceeded 40Gbps. While botnets and open resolvers have not increased significantly, attackers are able to generate high volumes of traffic using a small number of "super resources." The document argues a terabit-level attack could occur within the next 1-3 years. It advocates for a cloud-based, scalable architecture with visibility across different asset types and rapid response capabilities. The document presents Incapsula as a solution offering application protection, DNS protection, and infrastructure protection against DDoS attacks.
Presentation from one of the remarkable IT Security events in the Baltic States, organized by “Data Security Solutions” (www.dss.lv). The event took place in Riga on 7th of November, 2013, and was visited by more than 400 participants on site and more than 300 via online live streaming.
This document discusses Symantec Advanced Threat Protection (ATP), which provides tools to protect against advanced persistent threats (APTs). It begins with an overview of the evolving threat landscape and APT techniques. It then summarizes the key modules of ATP, including network monitoring, email security, endpoint protection, and cloud-based sandboxing. The document concludes with a demo of ATP's detection and response capabilities.
In this breakout session Cerdant's top engineers, Jeremiah Johnson and Jason Palm displayed how to get the most out of your SonicWALL device by utilizing advanced features like Capture ATP and DPI-SSL.
The document discusses Check Point's Threat Emulation sandboxing solution and how it meets the capabilities recommended by Gartner for effective sandboxing. It can be deployed as an integrated feature of Check Point gateways, as a standalone solution using dedicated appliances or hosted in the cloud, or as a feature of Check Point's secure web gateways. It analyzes a broad range of file types, uses static analysis and pre-filtering to minimize sandboxing, supports comprehensive OSes and applications, employs anti-evasion techniques, and provides scalable analysis rates. It also offers contextual threat intelligence, forensic integration, and meets Gartner's other recommended criteria.
HACKING THE BRAIN: Customize Evil Protocol to Pwn an SDN Controller | Priyanka Aash
"Software-Defined Networking (SDN) is now widely deployed in production environments with an ever-growing community. Though SDN's software-based architecture enables network programmability, it also introduces dangerous code vulnerabilities into SDN controllers. However, the decoupled SDN control plane and data plane only communicate with each other with pre-defined protocol interactions, which largely increases the difficulty of exploiting such security weaknesses from the data plane.
In this talk, we extend the attack surface and introduce Custom Attack, a novel attack against SDN controllers that leverages legitimate SDN protocol messages (i.e., the custom protocol field) to facilitate Java code vulnerability exploitation. Our research shows that it was possible for a weak adversary to execute arbitrary command or manipulate data in the SDN controller without accessing the SDN controller or any applications, but only controlling a host or a switch.
To the best of our knowledge, Custom Attack is the first attack that can remotely compromise SDN software stack to simultaneously cause multiple kinds of attack effects in SDN controllers. Till now we have tested 5 most popular SDN controllers and their applications and found all of them are vulnerable to Custom Attack in some degree. 14 serious vulnerabilities are discovered, all of which can be exploited remotely to launch advanced attacks against controllers (e.g., executing arbitrary commands, exfiltrating confidential files, crashing SDN service, etc.).
This presentation will include:
- an overview of SDN security research and practices.
- a new attack methodology for SDN that is capable of compromising the entire network.
- our research process that leads to these discoveries, including technical specifics of exploits.
- showcases of interesting Custom Attack chains in real-world SDN projects."
1) The complexity of corporate IT is growing daily, with an 81% increase in mobile data traffic in 2013 and only 50% of data needing protection currently protected. Advanced attacks have a high material impact, costing companies billions annually.
2) McAfee's Connected Security Platform allows threat intelligence to be shared in milliseconds between endpoints, gateways and other security products to immediately protect organizations as threats are revealed.
3) The platform includes the Threat Intelligence Exchange, Enterprise Security Manager, and Data Exchange Layer to provide real-time visibility, adaptive security, and integrated protection and response across an organization.
This document discusses advanced threat protection and FortiSandbox. It notes that prevention techniques sometimes fail, so detection and response tools are needed to reduce the time it takes to find, investigate, and remediate incidents. Sandboxing is introduced as an effective technique that runs suspicious objects in a contained virtual environment to analyze behavior and uncover threats. FortiSandbox is highlighted as a solution that integrates with FortiGate and other Fortinet products to provide detection, analysis, and sharing of threat intelligence across the network to improve security.
The document discusses various techniques used in ransomware attacks and defenses against them. It covers topics like email security appliances, command and control (CnC) detection using DNS, the evolution of ransomware variants, and tools like Umbrella that can be used to block malicious domains. It also discusses how the Next Generation IPS/NGFW from Cisco called Firepower can help discover vulnerabilities, detect malware, and tune signatures based on network context.
The document discusses reducing attack surfaces in cloud environments. It notes that understanding your attack surface is critical for deploying proper security controls as attack surfaces differ between cloud and on-premises environments. It also states that web application attacks are now the leading cause of data breaches but less than 5% of security budgets are spent on application security. Common cloud misconfigurations are also discussed as a major risk factor.
The document discusses cybersecurity threats and attacks. It describes how attacks often begin by finding vulnerabilities in popular applications like Adobe Reader or Java. It also discusses the Target credit card breach where over 40 million cards were stolen. The document emphasizes that a multi-layered security approach is needed to address both known and unknown threats, including firewalls, network segmentation, application control, and integrated malware sandboxing and prevention techniques.
The risk to your business is growing; how to protect yourself against ransomware and other... | Plain Concepts
Talk given at the event "Protection and security in hybrid cloud environments with Azure and O365" on "The risk to your business is growing; how to protect yourself against ransomware and other threats", by Barracuda.
Security Implications of the Cloud - CSS Dallas Azure | Alert Logic
The document summarizes the security implications of cloud computing. It notes that web application attacks are now the number one source of data breaches, but less than 5% of security budgets are spent on application security. It discusses how risks are moving up the application stack as vulnerabilities can be introduced through code changes and dependencies. Defending web applications and workloads in the cloud is complex due to a wide range of attacks at every layer of the stack and a shortage of security expertise. It then provides an example of a data exfiltration attack against a retail company where an attacker exploited known PHP flaws to access critical systems and steal data over 4 months without detection.
Application layer attack trends through the lens of Cloudflare data | Cloudflare
The past few months have seen significant changes in how attackers target the application layer—through injection attacks, malicious bots, DDoS, API vulnerability exploits, and more. We can observe these changes by analyzing traffic from Cloudflare’s global network, which blocks an average of 45 billion threats per day for over 27 million Internet properties.
Watch this webinar to explore data on:
- Which attack vectors have become more and less common
- How those changes vary by region and industry
- The business and societal trends behind these attacks
- Strategies for addressing these latest attack tactics
Check Point provides next generation security across networks, endpoints, data centers and clouds. Their unified management platform offers consolidated visibility and customized monitoring. Check Point's software blade architecture and threat prevention capabilities protect against both known and unknown threats across multiple layers. Their growing portfolio of appliances is optimized for performance and scalability to meet the needs of organizations of any size.
Viruses on mobile platforms why we don't/don't we have viruses on android | Jimmy Shah
This presentation will discuss the resources available to attackers to write Android viruses, including methods of infecting executables, gaining control from the original app and avoiding detection.
Attacking IPv6 Implementation Using Fragmentation | michelemanzotti
This document provides an overview of attacking IPv6 implementations using fragmentation. It begins with background on fragmentation in IPv4 and IPv6. The presenter then examines fragmentation issues in popular OS implementations through examples. Target OSes include Ubuntu, FreeBSD, OpenBSD and Windows. Small fragments and overlapping fragments are demonstrated. The document discusses the security implications of these attacks, such as firewall evasion. It also covers different reassembly policies using the Paxson/Shankar model of fragmentation. The overall summary is that fragmentation can be used to bypass security controls by manipulating the packet payload across fragments.
Detección y mitigación de amenazas con Check PointNextel S.A.
Presentación de Ignacio Berrozpe, de Check Point, durante la XV Jornada de Seguridad TI de Nextel S.A. en la Alhóndiga de Bilbao el jueves 27 de junio de 2013.
The document summarizes Symantec Endpoint Suite, which includes several security products that provide layered protection for endpoints, email, and mobile devices. It discusses Symantec Endpoint Protection for antivirus and antimalware on endpoints, Symantec Endpoint Encryption for data encryption, Symantec Mobile Threat Protection and Management for mobile security, and Symantec Messaging Gateway for email security. The suite aims to simplify security management and reduce costs through an integrated platform that protects against threats, data loss, and reduces complexity.
McAfee Advanced Threat Defense is a comprehensive solution that uses dynamic analysis, static code analysis, and machine learning to detect advanced malware. It analyzes malware behavior in real-time using emulation and deploys centrally to provide high detection accuracy and lower costs compared to other solutions. The solution integrates with other McAfee products to form a coordinated defense that rapidly shares threat intelligence across the enterprise to immediately block threats.
Preparing for the Imminent Terabit DDoS AttackImperva
The document discusses the growing threat of DDoS attacks and the need for resilient network protection. It notes that average attack sizes have grown to 10Gbps in 2013 and many recent attacks have exceeded 40Gbps. While botnets and open resolvers have not increased significantly, attackers are able to generate high volumes of traffic using a small number of "super resources." The document argues a terabit-level attack could occur within the next 1-3 years. It advocates for a cloud-based, scalable architecture with visibility across different asset types and rapid response capabilities. The document presents Incapsula as a solution offering application protection, DNS protection, and infrastructure protection against DDoS attacks.
Presentation from one of the remarkable IT Security events in the Baltic States organized by “Data Security Solutions” (www.dss.lv ) Event took place in Riga, on 7th of November, 2013 and was visited by more than 400 participants at event place and more than 300 via online live streaming.
This document discusses Symantec Advanced Threat Protection (ATP), which provides tools to protect against advanced persistent threats (APTs). It begins with an overview of the evolving threat landscape and APT techniques. It then summarizes the key modules of ATP, including network monitoring, email security, endpoint protection, and cloud-based sandboxing. The document concludes with a demo of ATP's detection and response capabilities.
In this breakout session Cerdant's top engineers, Jeremiah Johnson and Jason Palm displayed how to get the most out of your SonicWALL device by utilizing advanced features like Capture ATP and DPI-SSL.
The document discusses Check Point's Threat Emulation sandboxing solution and how it meets the capabilities recommended by Gartner for effective sandboxing. It can be deployed as an integrated feature of Check Point gateways, as a standalone solution using dedicated appliances or hosted in the cloud, or as a feature of Check Point's secure web gateways. It analyzes a broad range of file types, uses static analysis and pre-filtering to minimize sandboxing, supports comprehensive OSes and applications, employs anti-evasion techniques, and provides scalable analysis rates. It also offers contextual threat intelligence, forensic integration, and meets Gartner's other recommended criteria.
HACKING THE BRAIN: Customize Evil Protocol to Pwn an SDN ControllerPriyanka Aash
"Software-Defined Networking (SDN) is now widely deployed in production environments with an ever-growing community. Though SDN's software-based architecture enables network programmability, it also introduces dangerous code vulnerabilities into SDN controllers. However, the decoupled SDN control plane and data plane only communicate with each other with pre-defined protocol interactions, which largely increases the difficulty of exploiting such security weaknesses from the data plane.
In this talk, we extend the attack surface and introduce Custom Attack, a novel attack against SDN controllers that leverages legitimate SDN protocol messages (i.e., the custom protocol field) to facilitate Java code vulnerability exploitation. Our research shows that it was possible for a weak adversary to execute arbitrary command or manipulate data in the SDN controller without accessing the SDN controller or any applications, but only controlling a host or a switch.
To the best of our knowledge, Custom Attack is the first attack that can remotely compromise SDN software stack to simultaneously cause multiple kinds of attack effects in SDN controllers. Till now we have tested 5 most popular SDN controllers and their applications and found all of them are vulnerable to Custom Attack in some degree. 14 serious vulnerabilities are discovered, all of which can be exploited remotely to launch advanced attacks against controllers (e.g., executing arbitrary commands, exfiltrating confidential files, crashing SDN service, etc.).
This presentation will include:
an overview of SDN security research and practices.
a new attack methodology for SDN that is capable of compromising the entire network.
our research process that leads to these discoveries, including technical specifics of exploits.
showcases of interesting Custom Attack chains in real-world SDN projects.
"
1) The complexity of corporate IT is growing daily, with an 81% increase in mobile data traffic in 2013 and only 50% of data needing protection currently protected. Advanced attacks have a high material impact, costing companies billions annually.
2) McAfee's Connected Security Platform allows threat intelligence to be shared in milliseconds between endpoints, gateways and other security products to immediately protect organizations as threats are revealed.
3) The platform includes the Threat Intelligence Exchange, Enterprise Security Manager, and Data Exchange Layer to provide real-time visibility, adaptive security, and integrated protection and response across an organization.
This document discusses advanced threat protection and FortiSandbox. It notes that prevention techniques sometimes fail, so detection and response tools are needed to reduce the time it takes to find, investigate, and remediate incidents. Sandboxing is introduced as an effective technique that runs suspicious objects in a contained virtual environment to analyze behavior and uncover threats. FortiSandbox is highlighted as a solution that integrates with FortiGate and other Fortinet products to provide detection, analysis, and sharing of threat intelligence across the network to improve security.
The document discusses various techniques used in ransomware attacks and defenses against them. It covers topics like email security appliances, command and control (CnC) detection using DNS, the evolution of ransomware variants, and tools like Umbrella that can be used to block malicious domains. It also discusses how the Next Generation IPS/NGFW from Cisco called Firepower can help discover vulnerabilities, detect malware, and tune signatures based on network context.
The document discusses reducing attack surfaces in cloud environments. It notes that understanding your attack surface is critical for deploying proper security controls as attack surfaces differ between cloud and on-premises environments. It also states that web application attacks are now the leading cause of data breaches but less than 5% of security budgets are spent on application security. Common cloud misconfigurations are also discussed as a major risk factor.
The document discusses cybersecurity threats and attacks. It describes how attacks often begin by finding vulnerabilities in popular applications like Adobe Reader or Java. It also discusses the Target credit card breach where over 40 million cards were stolen. The document emphasizes that a multi-layered security approach is needed to address both known and unknown threats, including firewalls, network segmentation, application control, and integrated malware sandboxing and prevention techniques.
El riesgo para tu negocio crece; cómo protegerte frente al Ransomware y otras...Plain Concepts
Charla impartida en evento Protección y seguridad en entornos de Cloud Hibrida con Azure y O365 sobre El riesgo para tu negocio crece; cómo protegerte frente al Ransomware y otras amenazas by Barracuda
Security Implications of the Cloud - CSS Dallas AzureAlert Logic
The document summarizes the security implications of cloud computing. It notes that web application attacks are now the number one source of data breaches, but less than 5% of security budgets are spent on application security. It discusses how risks are moving up the application stack as vulnerabilities can be introduced through code changes and dependencies. Defending web applications and workloads in the cloud is complex due to a wide range of attacks at every layer of the stack and a shortage of security expertise. It then provides an example of a data exfiltration attack against a retail company where an attacker exploited known PHP flaws to access critical systems and steal data over 4 months without detection.
Application layer attack trends through the lens of Cloudflare dataCloudflare
The past few months have seen significant changes in how attackers target the application layer—through injection attacks, malicious bots, DDoS, API vulnerability exploits, and more. We can observe these changes by analyzing traffic from Cloudflare’s global network, which blocks an average of 45 billion threats per day for over 27 million Internet properties.
Watch this webinar to explore data on:
Which attack vectors have become more and less common
How those changes vary by region and industry
The business and societal trends behind these attacks
Strategies for addressing these latest attack tactics
Check Point provides next generation security across networks, endpoints, data centers and clouds. Their unified management platform offers consolidated visibility and customized monitoring. Check Point's software blade architecture and threat prevention capabilities protect against both known and unknown threats across multiple layers. Their growing portfolio of appliances is optimized for performance and scalability to meet the needs of organizations of any size.
Viruses on mobile platforms why we don't/don't we have viruses on android - Jimmy Shah
This presentation will discuss the resources available to attackers to write Android viruses, including methods of infecting executables, gaining control from the original app and avoiding detection.
Attacking IPv6 Implementation Using Fragmentation - michelemanzotti
This document provides an overview of attacking IPv6 implementations using fragmentation. It begins with background on fragmentation in IPv4 and IPv6. The presenter then examines fragmentation issues in popular OS implementations through examples. Target OSes include Ubuntu, FreeBSD, OpenBSD and Windows. Small fragments and overlapping fragments are demonstrated. The document discusses the security implications of these attacks, such as firewall evasion. It also covers different reassembly policies using the Paxson/Shankar model of fragmentation. The overall summary is that fragmentation can be used to bypass security controls by manipulating the packet payload across fragments.
The document discusses Advanced Evasion Techniques (AETs) and introduces Evader, a software tool from Stonesoft. It summarizes that AETs are hacking techniques that evade detection, most security devices cannot detect AETs, and Evader allows organizations to test if their defenses would stop an AET-borne attack. Evader is presented as a free and easy-to-use way for security teams and vendors to determine the real-world effectiveness of networks against AETs.
This document provides an introduction to cross-site scripting (XSS) attacks over the course of one hour. It defines XSS and its different types (reflected, stored, DOM), discusses common injection points and payloads, and techniques for bypassing filters including encoding, evasion tricks, and tools. The goal is to teach novices the basics needed to find and exploit XSS vulnerabilities, with tips on contexts, detection, encoding, and actual attack vectors like cookie stealing.
The document discusses Veil-Evasion, a tool for generating payloads that evade antivirus detection, and how it can be used to carry out client-side attacks. It provides an overview of the Veil framework, the components of Veil-Evasion, and how it integrates with other tools in the framework like Veil-Catapult and Veil-Pillage. The document also outlines the typical stages of a client-side attack, from the initial vector to post-exploitation actions, and concludes with a demonstration of these capabilities.
The document discusses different techniques for filling polygons, including boundary fill, flood fill, and scan-line fill methods. It provides details on how each technique works, such as using a seed point and filling neighboring pixels for boundary fill, replacing all pixels of a selected color for flood fill, and drawing pixels between edge intersections for each scan line for scan-line fill. Examples are given to illustrate the filling process for each method.
This document summarizes a presentation on evading antivirus detection. It discusses how antivirus has gotten better at detecting old techniques, and introduces newer tools and methods for generating payloads that can bypass antivirus software, including Veil, Hyperion, and writing your own custom stagers and payloads. It also recommends building your own antivirus lab to reliably test new payloads before deployment.
The document discusses FortiSandbox and how it helps detect modern threats. It begins with an overview of sandboxing and how executing files in a virtual environment allows analyzing behaviors to detect malware. FortiSandbox improves detection by using real-time analysis instead of just signatures. It also discusses advanced persistent threats that aim to disguise, survive on systems, and impact organizations. FortiSandbox provides visibility into these threats through reports on potentially unwanted activity and integration with incident response. The document highlights FortiSandbox's advantages like flexible deployment options, centralized management, and integration with FortiGuard services for updates.
Ever Present Persistence - Established Footholds Seen in the Wild - CTruncer
This talk is about different attacker persistence techniques that we have seen in the wild, or published by other companies. We wanted to create a massive document containing all of these techniques with a mile wide, inch deep approach. Our goal is to give a description of how each technique works and a way to detect them to allow anyone to start looking for these specific techniques.
This talk goes over the art of antivirus evasion, or really the lack thereof. I talk about a new module that's getting added into Veil-Evasion, a signature that was developed for Veil, and creating your own processes for approaching unknowns.
This document provides an overview of FortiGate multi-threat security systems and their administration, content inspection, and basic VPN capabilities. It discusses FortiGate devices, FortiGuard subscription services, logging and alerts capabilities, firewall policies, basic VPN configurations, authentication, antivirus, spam filtering, and web filtering. The document includes descriptions of FortiGate portfolio models, FortiGuard dynamic updates, FortiManager and FortiAnalyzer management products, logging levels, and log storage locations.
In the following slides we will show you how to create a #DMZ using the #FortiGate #Firewall. See next chapters on #FortiGate configuration. Stay with us!
This document provides an overview of leading corporate change and change management. It discusses key principles of change including viewing change as a process, linking change to business goals, building organizational capacity for change, and understanding that behavioral change occurs at the emotional level. It also outlines five key activities for effective change management: motivating change, creating a vision, developing political support, managing the transition, and sustaining momentum. Additionally, it discusses forces for change, resistance to change, and elements to enable change such as change architecture, communication, performance management, and leadership capacity.
A UDP flood attack is a denial of service attack where an attacker overwhelms a targeted host with UDP packets. UDP is a connectionless protocol that does not require handshaking, allowing it to be used to launch attacks. While firewalls can filter unwanted traffic, they too can be overwhelmed. There are several ways to mitigate UDP flood attacks, such as rate limiting ICMP responses, firewall filtering, and filtering UDP packets except for DNS at the network level. Advanced mitigation techniques involve load balancing attacks across scrubbing servers using anycast technology and deep packet inspection to filter out malicious packets.
Unleash the Hammer on Denial-of-Service: Conquer DDos Attacks! - PriyadharshiniHemaku
This presentation cracks the code on devastating DDoS attacks, equipping you with insights and strategies to shield your systems and emerge victorious. Learn the devious tricks attackers use, explore robust defense mechanisms, and discover how to stay ahead of the curve in the ever-evolving cyber-warfare landscape. Prepare to turn the tables on malicious actors and ensure your operations run smoothly, even under siege!
Firewall provides security for networks by controlling access between internal and external networks. There are different types of firewalls including packet filters, application-level gateways, and circuit-level gateways. A packet filter firewall applies rules to IP packets to determine whether to forward or discard them based on information like source/destination addresses and ports. An application-level gateway provides additional security over a packet filter by requiring traffic to go through a proxy for each application/protocol. A network-based firewall protects all computers on an internal network, while a host-based firewall protects only an individual computer.
Enhancing the impregnability of linux servers - IJNSA Journal
Worldwide IT industry is experiencing a rapid shift towards Service Oriented Architecture (SOA). As a
response to the current trend, all the IT firms are adopting business models such as cloud based services
which rely on reliable and highly available server platforms. Linux servers are known to be highly
secure. Network security thus becomes a major concern to all IT organizations offering cloud based
services. The fundamental form of attack on network security is Denial of Service. This paper focuses on
fortifying the Linux server defence mechanisms resulting in an increase in reliability and availability of
services offered by the Linux server platforms. To meet this emerging scenario, most of the organizations
are adopting business models such as cloud computing that are dependent on reliable server platforms.
Linux servers are well ahead of other server platforms in terms of security. This brings network security
to the forefront of major concerns to an organization. The most common form of attacks is a Denial of
Service attack. This paper focuses on mechanisms to detect and immunize Linux servers from DoS.
PLNOG15 :DDOS Attacks & Collateral Damage. Can we avoid it? Asraf Ali - Marta Pacyga
This document discusses DDoS attacks, including the types of attacks, their impact on victims, and best practices for network operators. It covers TCP exhaustion attacks, volumetric attacks, reflective amplification attacks that exploit protocols like DNS and NTP, and application layer attacks. These attacks can directly impact content providers and indirectly impact service providers and cloud providers. The document recommends network operators deploy anti-spoofing, scan for and mitigate abusable services, and utilize carrier DDoS protection services to help prevent collateral damage from attacks.
PLNOG15 :DDOS Attacks & Collateral Damage. Can we avoid it? Asraf Ali - PROIDEA
This document discusses DDoS attacks, including what they are, how they work, their impact, and best practices for prevention. It covers different types of attacks like TCP exhaustion, volumetric, and reflective amplification attacks. Reflective amplification attacks are of particular concern due to their large size, affecting millions of users. The document recommends network operators deploy anti-spoofing measures, identify and remove exposed services, and consider cloud-based DDoS mitigation services to help prevent collateral damage from large attacks.
This document discusses denial of service (DoS) and distributed denial of service (DDoS) attacks. It defines DoS and DDoS attacks, describes common types like SYN floods and Smurf attacks, and discusses costs to victim organizations. The document also recommends strategies for organizations to mitigate DDoS risks, such as strategic firewall placement at the ISP level and default deny policies, as well as monitoring source IP addresses to detect attacks. It provides an example of generating a spoofed DoS attack and concludes that while defenses can help, it remains easy to bypass them to launch successful DDoS attacks.
This document discusses denial of service (DoS) and distributed denial of service (DDoS) attacks. It defines DoS and DDoS attacks, describes different types of attacks including SYN floods and Smurf attacks, and discusses the costs of DoS attacks for victims. The document also recommends strategies for organizations to mitigate DDoS attacks such as strategic firewall placement, default deny policies, and monitoring source IP addresses to detect attacks. An example simulation shows how strategic firewall placement can help systems continue operating during DDoS attacks.
This document discusses denial of service (DoS) and distributed denial of service (DDoS) attacks. It defines DoS and DDoS attacks, describes the costs they impose on victims, and classifies different types of DoS attacks. The document also recommends strategies for organizations to mitigate DoS risks, such as strategic firewall placement, default deny policies, and monitoring source IP addresses to detect DDoS attacks. An example of a spoofed DoS attack is provided to illustrate how such attacks can be carried out.
This document summarizes Cisco's cybersecurity portfolio, which includes solutions for securing the cloud, edge/campus/data center networks, email/content/web, security management, endpoint protection, identity & secure access. The portfolio features products like Umbrella for cloud security, Stealthwatch for network threat detection, Next Gen Firewalls, Email Security, Advanced Malware Protection, and Identity Services Engine for access management. Cisco aims to provide comprehensive protection across all attack vectors through an integrated approach leveraging its threat intelligence.
PLNOG 9: Paweł Wachelka - Network protection against DoS/DDoS attacks - PROIDEA
This document discusses network protection against DDoS attacks and Huawei's anti-DDoS solution. It describes the threats posed by evolving DDoS attacks, including application layer attacks and attacks exceeding 100 Gbps. It then outlines Huawei's defense principles for different types of attacks, including protocols like TCP, UDP, ICMP and application layer protocols. The principles involve source authentication, fingerprint-based filtering, traffic shaping and more.
The document provides information about different types of DDoS attacks including DoS, DDoS, DNS reflection, SYN reflection, SMURF, UDP flood, SNMP, NTP, HTTP GET, and HTTP POST attacks. It describes how each attack works and overloads the target system with traffic. Mitigation techniques are also outlined, such as firewalls, rate limiting, authentication, and modifying server configurations.
The document discusses Azure DDoS Protection Standard. It notes that DDoS attacks are increasing in frequency, size, and sophistication. Azure DDoS Protection Standard provides continuous monitoring, edge mitigation to protect datacenter bandwidth, regional failover, and global mitigation capacity of over 25 Tbps. It is designed to provide automatic network layer attack protection and analytics for virtual network resources.
Modern DDoS attacks are increasing in size, frequency, and complexity. A layered DDoS protection solution is needed to stop volumetric, application layer, and advanced attacks. Cisco and Arbor Networks provide a comprehensive solution combining Arbor's DDoS protection products with Cisco's ASR 9000 routers that have virtual DDoS protection modules. This embedded network protection leverages the infrastructure for mitigation techniques like ACLs, BGP Flowspec, and source/destination-based remote triggered blackholing to block attacks at multiple points before reaching customers.
This document discusses internet traffic monitoring and analysis. It describes:
1) The growth of internet usage and evolving network environments that require reliable monitoring.
2) Real-world applications of monitoring including network usage analysis, planning, SLA monitoring, and security attack detection.
3) POSTECH's research activities including MRTG+, WebTrafMon, and their next-generation system NG-MON for high-speed monitoring.
Cloud Security or: How I Learned to Stop Worrying & Love the Cloud - MarkAnnati
Presented by Marija Strazdas - Sr. Solutions Engineer, Alert Logic
Presented to the Boston Amazon Web Services Meetup Group on Jun 5 & 21
https://www.meetup.com/The-Boston-Amazon-Web-Services-Meetup-Group/
Summary/Themes:
- Understanding your attack surface is critical to deploying the right security controls.
- Attack surface in the cloud environments is significantly different than on-premises
- Dominant cloud exposures are often misunderstood
PLNOG16: DDOS SOLUTIONS – CUSTOMER POINT OF VIEW, Piotr Wojciechowski - PROIDEA
This document provides an overview of DDoS solutions from a customer perspective. It discusses different types of DDoS attacks and the need for multiple protection tools. It describes two common deployment models for scrubbing centers: DNS redirection and BGP. AlwaysOn protection is generally better than on-demand AlwaysAvailable protection. While scrubbing services can mitigate large attacks, they are not a complete solution and other measures are needed to deal with initial attack waves. Preparation including a response team and plan can help organizations effectively respond to DDoS attacks.
Similar to Radware DefensePipe: Cloud-Based Attack Mitigation Solution (20)
Cyber Security Through the Eyes of the C-Suite (Infographic) - Radware
The document summarizes the findings of a survey of 200 IT executives in the US and UK about how their companies are responding to ransom-based cyber attacks. It reports that UK executives are less willing to pay ransoms than US executives, with only 9% of UK executives saying they would pay versus 23% in the US. Over half of UK businesses have invited or are open to inviting hackers to assess their cyber security. On average, ransoms demanded of UK companies are higher at £22,000 compared to $7,500 in the US. Executives who have not experienced an attack are less likely to say they would pay a ransom compared to those who have already been attacked.
What’s the Cost of a Cyber Attack (Infographic) - Radware
How much does a cyber-attack actually cost an organization in hard dollars? What are the potential business impacts? This infographic answers these questions and more via two surveys Radware recently conducted of IT professionals.
Radware provides cloud-based web application firewall (WAF) and distributed denial of service (DDoS) protection services to help organizations address evolving security threats. The services use Radware's security technologies and are fully managed by Radware security experts. The WAF service provides continuously adaptive protection against known and unknown attacks. The DDoS service offers over 2Tbps of mitigation capacity and has protected organizations from large multi-vector DDoS campaigns. Both services are designed to provide strong security with minimal management requirements.
The Expanding Role and Importance of Application Delivery Controllers [Resear... - Radware
When it Comes to ADCs, Perception is Not Reality.
The Enterprise Strategy Group and Radware recently conducted a collaborative research project about the current use and future strategies of application delivery controllers (ADCs).
Based on a survey of 243 IT professionals, the research reveals that the role of ADCs has expanded well beyond the historical perception of hardware-based load balancers.
What’s most interesting is that ADCs are becoming a critical component of a defense-in-depth security strategy as enterprises fine-tune security policy and enforcement to align with their sensitive business applications. Organizations are also deploying ADCs as virtual appliances at an increasing rate and taking advantage of ADC functionality from the network through the application layer.
There is a lesson to be learned here: enterprise organizations can get creative with ADC deployments for performance tuning, application-specific services, and critical system protection. Read this research http://www.radware.com/social/esg-adc-research/ to understand the benefits of applying ADCs in this fashion.
Eventually, every website fails. If it's a household-name site like Amazon, then news of that failure gets around faster than a rocket full of monkeys. That's because downtime hurts. As a for-instance, in 2013 Amazon suffered a 40-minute outage that allegedly cost the company $5 million in lost sales. That's a big number, and everybody loves big numbers.
But when it comes to performance-related losses, is it the biggest number?
In this presentation from the CMG Performance and Capacity 2014 conference, Radware Web Performance Expert Tammy Everts reviews real-world examples that compare the cost of site slowdowns versus outages. We also talk about how to overcome the challenges of creating as much urgency around the topic of slow time as there is around the topic of downtime.
The Cyber Attack landscape is evolving with new attack vectors and dangerous trends that can affect the security of your business. Some attacks can take only minutes to complete, yet months to be discovered.
Determine your attack risk and learn what to look for in a quality cyber attack defense.
Please visit here: http://www.radware.com/social/amn/ for information on Radware's AMN (Attack Mitigation Network).
The document summarizes the Shellshock vulnerabilities (CVE-2014-6271, CVE-2014-7169) that affect Bash and allow remote code execution. It provides background on the vulnerabilities, risk level, mitigation options including IPS signatures, and recommendations to patch vulnerable systems. Contact information is also included.
The Art of Cyber War: Cyber Security Strategies in a Rapidly Evolving Theatre - Radware
Is the world in the midst of a cyber-war? If so, what are the implications?
In this presentation Carl Herberger, Radware's VP of Security Solutions, explores some of the most notable recent cyber-attacks and how many of the findings correlate with the tenets of warfare as defined in The Art of War by Sun Tzu, the ancient military general, strategist and tactician.
How should organizations be preparing for an information security landscape that is shaped by ideologically motivated cyber warfare rather than just opportunistic cyber-crime? Learn the techniques being employed to safeguard IT operations in a theatre that is witnessing ever more sophisticated attacks.
For more on how to help detect, mitigate and win this cyber war battle, visit here: http://www.radware.com/ert-report-2013/ to download the 2013 Global Application and Network Security Report.
Mobile Web Stress: Understanding the Neurological Impact of Poor Performance - Radware
Slow pages hurt mobile user metrics, from bounce rate to online revenues and long-term user retention. At Radware, we wanted to understand the science behind this, so we engaged in the first documented study of the neurological impact of poor performance on mobile users. Your takeaway from this presentation is hard data that you can use to make a case for investing in mobile performance in your organization.
Based on similar research performed on desktop users, our study involved using a groundbreaking combination of eyetracking and electroencephalography (EEG) technologies to monitor brain wave activity in a group of mobile users who were asked to perform a series of online transactions via mobile devices.
In our study, participants were asked to complete standardized shopping tasks on four ecommerce sites while using a smartphone. We studied participants during these tasks, both at the normal speed over Wifi and also at a consistently slowed-down speed (using software that allowed us to create a 500ms network delay). The participants did not know that speed was a factor in the tests; rather, they believed that they were participating in a generic usability/brand perception study. From the data, we were able to extract measures of frustration and emotional engagement for the browsing and checkout stages of both the normal and slowed-down versions of all four sites.
This presentation, shared by Radware Web Performance Evangelist Tammy Everts at the 2014 Velocity Conference and the CMG Performance and Capacity 2014 Conference, provides a deeper understanding of the impact of performance on mobile users.
For even more on the research, you can also download it here: http://www.radware.com/mobile-eeg2013/
This is your brain.
This is your brain on a mobile site with throughput throttled just enough to frustrate the heck out of you.
This is your brain thinking about all the tests you could run if you had your own lightweight, wireless EEG braincap to directly but passively monitor brain activity in your customers as they interact with your digital assets.
From the eMetrics Conference in Chicago, Radware Evangelist Tammy Everts describes a mobile web stress test conducted to gauge the impact of network speed on emotional engagement and brand perception. Neural marketing has escaped the lab and has found its way into practical applications. For even more on the web stress tests, please visit: http://www.radware.com/mobile-eeg2013/
InfoSecurity Europe 2014: The Art Of Cyber War - Radware
With cyber-attacks becoming a growing concern for organizations, availability-based attacks, also known as Denial of Service or Distributed Denial of Service attacks, have long moved from a form of cyber protest to a destructive weapon that is used by cyber criminals, hacktivists and even governments.
In 2013 we saw a growing use of a new type of attack where attackers used legitimate transactions to saturate application servers’ resources. In this presentation, Security Expert Werner Thalmeier demonstrates how such an advanced attack can be created from a laptop running in an anonymous public WiFi network. He also evaluates the attack landscape and its impact on organizations as well as shares the best practices to protect against such cyber-attacks.
Understand the current availability-based threat landscape and learn about new types of cyber-attacks that are being used to saturate resources. For more information on the state of Application and Network Security, please visit: http://www.radware.com/ert-report-2013/
OpenStack Networking: Developing and Delivering a Commercial Solution for Lo... - Radware
Why would you want to have an open source driver?
Samuel Bercovici, Radware's Director of Automation & Cloud Integration, answers this and offers an introduction to Drivers in Havana in this presentation from his recent appearance at OpenStack Israel.
Read more in our Press Release: http://www.radware.com/NewsEvents/PressReleases/Radware-Alteon-Provides-Load-Balancing-for-OpenStack-Cloud-Applications/
SecureWorld St. Louis: Survival in an Evolving Threat Landscape - Radware
David Hobbs’ presentation from SecureWorld Expo - St. Louis discusses availability-based threats; attacks on U.S. banks and other popular attack patterns & trends.
In the Line of Fire - The Morphology of Cyber-Attacks - Radware
Presentation from Dennis Usle during TakeDownCon in Huntsville, AL that discusses availability-based threats, attacks on U.S. banks, and other popular attack patterns & trends.
The document discusses a presentation given at Black Hat 2013 about bypassing DDoS mitigation techniques. It describes a new tool called "Kill'em All 1.0" that is designed to generate realistic human-like traffic to circumvent detection. The tool supports features like authentication bypass, HTTP headers, JavaScript execution, and captcha solving. It was allegedly tested successfully against major CDNs. The presenters concluded that current DDoS defenses are becoming less effective and attacks are becoming more sophisticated.
In the Line of Fire-the Morphology of Cyber Attacks - Radware
Dennis Ulse's Presentation from SecureWorld Expo Atlanta that discusses Availability-based threats; Attacks on U.S. banks and other popular attack patterns and trends.
In the Line of Fire-the Morphology of Cyber Attacks - Radware
David Hobbs’ presentation from his series of presentations during SecureWorld that discusses availability-based threats, attacks on U.S. banks, and other popular attack patterns & trends.
Radware DefenseFlow-The SDN Application That Programs Networks for DoS Security - Radware
http://www.radware.com/Products/DefenseFlow/
Learn about the industry's first SDN application that enables network operators to program the network to provide DDoS protection as a native network service.
Monitoring and Managing Anomaly Detection on OpenShift.pdf - Tosin Akinosho
Overview
Dive into the world of anomaly detection on edge devices with our comprehensive hands-on tutorial. This SlideShare presentation will guide you through the entire process, from data collection and model training to edge deployment and real-time monitoring. Perfect for those looking to implement robust anomaly detection systems on resource-constrained IoT/edge devices.
Key Topics Covered
1. Introduction to Anomaly Detection
- Understand the fundamentals of anomaly detection and its importance in identifying unusual behavior or failures in systems.
2. Understanding Edge (IoT)
- Learn about edge computing and IoT, and how they enable real-time data processing and decision-making at the source.
3. What is ArgoCD?
- Discover ArgoCD, a declarative, GitOps continuous delivery tool for Kubernetes, and its role in deploying applications on edge devices.
4. Deployment Using ArgoCD for Edge Devices
- Step-by-step guide on deploying anomaly detection models on edge devices using ArgoCD.
5. Introduction to Apache Kafka and S3
- Explore Apache Kafka for real-time data streaming and Amazon S3 for scalable storage solutions.
6. Viewing Kafka Messages in the Data Lake
- Learn how to view and analyze Kafka messages stored in a data lake for better insights.
7. What is Prometheus?
- Get to know Prometheus, an open-source monitoring and alerting toolkit, and its application in monitoring edge devices.
8. Monitoring Application Metrics with Prometheus
- Detailed instructions on setting up Prometheus to monitor the performance and health of your anomaly detection system.
9. What is Camel K?
- Introduction to Camel K, a lightweight integration framework built on Apache Camel, designed for Kubernetes.
10. Configuring Camel K Integrations for Data Pipelines
- Learn how to configure Camel K for seamless data pipeline integrations in your anomaly detection workflow.
11. What is a Jupyter Notebook?
- Overview of Jupyter Notebooks, an open-source web application for creating and sharing documents with live code, equations, visualizations, and narrative text.
12. Jupyter Notebooks with Code Examples
- Hands-on examples and code snippets in Jupyter Notebooks to help you implement and test anomaly detection models.
Dandelion Hashtable: beyond billion requests per second on a commodity server - Antonios Katsarakis
This slide deck presents DLHT, a concurrent in-memory hashtable. Despite efforts to optimize hashtables, that go as far as sacrificing core functionality, state-of-the-art designs still incur multiple memory accesses per request and block request processing in three cases. First, most hashtables block while waiting for data to be retrieved from memory. Second, open-addressing designs, which represent the current state-of-the-art, either cannot free index slots on deletes or must block all requests to do so. Third, index resizes block every request until all objects are copied to the new index. Defying folklore wisdom, DLHT forgoes open-addressing and adopts a fully-featured and memory-aware closed-addressing design based on bounded cache-line-chaining. This design (1) offers lock-free index operations and deletes that free slots instantly, (2) completes most requests with a single memory access, (3) utilizes software prefetching to hide memory latencies, and (4) employs a novel non-blocking and parallel resizing. In a commodity server and a memory-resident workload, DLHT surpasses 1.6B requests per second and provides 3.5x (12x) the throughput of the state-of-the-art closed-addressing (open-addressing) resizable hashtable on Gets (Deletes).
[OReilly Superstream] Occupy the Space: A grassroots guide to engineering (an...Jason Yip
The typical problem in product engineering is not bad strategy, so much as “no strategy”. This leads to confusion, lack of motivation, and incoherent action. The next time you look for a strategy and find an empty space, instead of waiting for it to be filled, I will show you how to fill it in yourself. If you’re wrong, it forces a correction. If you’re right, it helps create focus. I’ll share how I’ve approached this in the past, both what works and lessons for what didn’t work so well.
"Frontline Battles with DDoS: Best practices and Lessons Learned", Igor IvaniukFwdays
At this talk we will discuss DDoS protection tools and best practices, discuss network architectures and what AWS has to offer. Also, we will look into one of the largest DDoS attacks on Ukrainian infrastructure that happened in February 2022. We'll see, what techniques helped to keep the web resources available for Ukrainians and how AWS improved DDoS protection for all customers based on Ukraine experience
Main news related to the CCS TSI 2023 (2023/1695)Jakub Marek
An English 🇬🇧 translation of a presentation to the speech I gave about the main changes brought by CCS TSI 2023 at the biggest Czech conference on Communications and signalling systems on Railways, which was held in Clarion Hotel Olomouc from 7th to 9th November 2023 (konferenceszt.cz). Attended by around 500 participants and 200 on-line followers.
The original Czech 🇨🇿 version of the presentation can be found here: https://www.slideshare.net/slideshow/hlavni-novinky-souvisejici-s-ccs-tsi-2023-2023-1695/269688092 .
The videorecording (in Czech) from the presentation is available here: https://youtu.be/WzjJWm4IyPk?si=SImb06tuXGb30BEH .
Northern Engraving | Nameplate Manufacturing Process - 2024Northern Engraving
Manufacturing custom quality metal nameplates and badges involves several standard operations. Processes include sheet prep, lithography, screening, coating, punch press and inspection. All decoration is completed in the flat sheet with adhesive and tooling operations following. The possibilities for creating unique durable nameplates are endless. How will you create your brand identity? We can help!
Have you ever been confused by the myriad of choices offered by AWS for hosting a website or an API?
Lambda, Elastic Beanstalk, Lightsail, Amplify, S3 (and more!) can each host websites + APIs. But which one should we choose?
Which one is cheapest? Which one is fastest? Which one will scale to meet our needs?
Join me in this session as we dive into each AWS hosting service to determine which one is best for your scenario and explain why!
Essentials of Automations: Exploring Attributes & Automation ParametersSafe Software
Building automations in FME Flow can save time, money, and help businesses scale by eliminating data silos and providing data to stakeholders in real-time. One essential component to orchestrating complex automations is the use of attributes & automation parameters (both formerly known as “keys”). In fact, it’s unlikely you’ll ever build an Automation without using these components, but what exactly are they?
Attributes & automation parameters enable the automation author to pass data values from one automation component to the next. During this webinar, our FME Flow Specialists will cover leveraging the three types of these output attributes & parameters in FME Flow: Event, Custom, and Automation. As a bonus, they’ll also be making use of the Split-Merge Block functionality.
You’ll leave this webinar with a better understanding of how to maximize the potential of automations by making use of attributes & automation parameters, with the ultimate goal of setting your enterprise integration workflows up on autopilot.
Freshworks Rethinks NoSQL for Rapid Scaling & Cost-EfficiencyScyllaDB
Freshworks creates AI-boosted business software that helps employees work more efficiently and effectively. Managing data across multiple RDBMS and NoSQL databases was already a challenge at their current scale. To prepare for 10X growth, they knew it was time to rethink their database strategy. Learn how they architected a solution that would simplify scaling while keeping costs under control.
Programming Foundation Models with DSPy - Meetup SlidesZilliz
Prompting language models is hard, while programming language models is easy. In this talk, I will discuss the state-of-the-art framework DSPy for programming foundation models with its powerful optimizers and runtime constraint system.
Discover top-tier mobile app development services, offering innovative solutions for iOS and Android. Enhance your business with custom, user-friendly mobile applications.
How information systems are built or acquired puts information, which is what they should be about, in a secondary place. Our language adapted accordingly, and we no longer talk about information systems but applications. Applications evolved in a way to break data into diverse fragments, tightly coupled with applications and expensive to integrate. The result is technical debt, which is re-paid by taking even bigger "loans", resulting in an ever-increasing technical debt. Software engineering and procurement practices work in sync with market forces to maintain this trend. This talk demonstrates how natural this situation is. The question is: can something be done to reverse the trend?
AppSec PNW: Android and iOS Application Security with MobSFAjin Abraham
Mobile Security Framework - MobSF is a free and open source automated mobile application security testing environment designed to help security engineers, researchers, developers, and penetration testers to identify security vulnerabilities, malicious behaviours and privacy concerns in mobile applications using static and dynamic analysis. It supports all the popular mobile application binaries and source code formats built for Android and iOS devices. In addition to automated security assessment, it also offers an interactive testing environment to build and execute scenario based test/fuzz cases against the application.
This talk covers:
Using MobSF for static analysis of mobile applications.
Interactive dynamic security assessment of Android and iOS applications.
Solving Mobile app CTF challenges.
Reverse engineering and runtime analysis of Mobile malware.
How to shift left and integrate MobSF/mobsfscan SAST and DAST in your build pipeline.
2. Protect the Internet Pipe with DefensePipe
DefensePipe is a cloud-based service that protects organizations against Internet pipe saturation
• A cloud extension that complements Radware’s on-premise attack mitigation capabilities
• Operated from a data center in the cloud
• Activated only when the attack threatens to saturate the Internet pipe
3. On-Premise Attack Mitigation System
Radware’s on-premise attack mitigation system (AMS) offers widest security coverage for:
– SSL based attacks
– Application level attacks
– Low & slow attacks
– Network flood attacks
– Known vulnerabilities
– Egress traffic attacks
• Mitigation starts immediately and automatically
• No need to divert traffic
• Detailed real-time and forensic reports
4. Cloud-Based Attack Mitigation Service
Radware’s DefensePipe extends the reach of AMS to the cloud
• Internet pipe saturation protection must be offered from the cloud, the ideal location to scrub volumetric flood attacks that threaten to saturate the Internet pipe
• Some DDoS attacks saturate the Internet pipe
– In 2012, 15% of attacks seen by Radware’s Emergency Response Team (ERT) saturated the Internet pipe
– Average throughput of those volumetric attacks was 6.5Gbps
5. DefensePipe Operation Flow
[Diagram: DefensePipe operation flow. Labels: ISP; Volumetric DDoS attack that blocks the Internet pipe; On-premise AMS mitigates the attack; Radware’s ERT and the customer decide to divert the traffic; Clean traffic; Defense Messaging; Sharing essential information for attack mitigation; DefensePro; DefensePros; AppWall; Protected Online Services; Protected Organization]
6. DefensePipe Activation Process
Two options to activate DefensePipe
• Process 1
– Radware’s ERT handles the attack from inception with the customer, at the customer’s premise
  • ERT notices that the Internet pipe is about to get saturated
  • ERT asks for customer approval to divert traffic to the cloud
• Process 2
– Radware’s DefensePro successfully mitigates the attack without ERT involvement
– DefensePro sends ‘pipe utilization’ defense messages to the DefensePipe cloud scrubbing center
– Once the pipe utilization passes a pre-defined threshold, an alert message is sent from the on-premise attack mitigation system to the cloud
– This alert message invokes Radware’s ERT to contact the customer and ask for approval to divert the traffic to the cloud
7. Solution Benefits
• On-premise mitigation for all attacks except attacks that threaten to saturate the pipe
– Traffic is diverted only as a last resort
• Shortest mitigation response time
– On-premise AMS starts immediately to mitigate the attack
– No need to wait for traffic diversion to start mitigation
• Widest security coverage
– On-premise AMS mitigates SSL based attacks, application layer attacks, low & slow and network attacks up to the Internet pipe capacity
– DefensePipe mitigates attacks that are beyond the Internet pipe capacity
• Single contact point during an attack
– Radware ERT fights the attack during the entire campaign
– No need to work with multiple vendors or services
• Integrated reporting system
– Reporting from on-premise mitigation and in the cloud mitigation
– Achieve more efficient forensics