SlideShare une entreprise Scribd logo

Under DDoS: Instant Access to Live Information

Imperva Incapsula
Imperva Incapsula

The following presentation uses data from an actual DDoS attack to demonstrate some of the more typical uses and benefits of Incapsula’s Real-Time Event Monitoring capabilities.

TechnologieBusiness
1  sur  11
Real-Time Event Monitoring Under DDoS: Instant Access to Live Information Disclaimer: The following is a description of an actual DDoS attack against one of Incapsula’s clients. To demonstrate Incapsula’s new Real-Time reporting capabilities, this presentation makes use of an actual screenshots and data from that event. Some facts, like IP and URL addresses, were altered to preserve anonymity.
Incapsula Maximum Security, Performance & Availability Through an application-aware Global CDN platform, Incapsula provides any website and web application with best-of-breed Security, DDoS Protection, Load Balancing & Failover solutions. Incapsula’s Real-Time Event Monitoring feature support all of these services by providing Accurate Visibility of Layer 7 Traffic Flow. --------------------------------------------------------------------------------------------------------------------------------------- The following presentation uses data from an actual DDoS attack to demonstrate some of the more typical uses and benefits of Incapsula’s Real-Time Event Monitoring capabilities.
It Starts with an Email Alert… 12:25:36 PM The event starts with an email alert, reporting on a suspicious activity on our client’s site. Incapsula’s Automated DDoS Protection was activated. Right now, the site is under attack.
Real-Time: First Evaluation 12:26:02 PM Incapsula’s Real-Time Monitoring is the next “go-to” spot. • Immediately you can see that Incapsula is blocking 515 malicious HTTP requests per second, which amount to 86% of all incoming traffic. • You can also see that response times of your servers are slightly higher than usual.
Real-Time: Servers’ Health & Activity 12:26:07 PM Using one of the available view options, you can now drill down to get a better picture of server health and load distribution. Both servers are active and the load distribution is even, which is good. The next step is to get more information about the DDoS offenders…
Real-Time: DDoS Offenders’ Identity 12:26:13 PM The Session Report shown here provides you with the information you need. You notice a suspiciously large chunk of traffic from outside the US. There is also an abnormally high percentage of “Firefox” visitors. Although they use browser user-agents, it looks like not all of them support JS or Cookies.
Real-Time: Tracking of Attackers’ Movement 12:26:27 PM The adjusted More button provides you with additional information about the offenders’ activity. When you use it to review the latest blocked sessions, you notice that they all share the same Entry Point; “/blog/” - an inactive, auto-generated, URL.
Real-Time: List of Attacking IPs 12:26:33 PM By filtering the data stream to show only the Blocked traffic, you also get instant views of the Top 5 attacking IPs. The full list is accessible as well, with a click on the More button.
Real-Time: Instant Access to Live Actionable Data Incapsula’s Real-Time Monitoring efficiently provides access to the most recent information about security events, incoming traffic and servers’ activity. In this case, literally in a matter of seconds, the website’s operator was able to collect all of the information he needed to understand and react to the attack, including: • Information about malicious traffic volumes • Information about the attack’s impact on availability • Status report of origin server health • Overview of server load distribution • Updated list of the spoofed user-agents • Latest information about the attacker’s point-of-entry • Updated list of attacking IPs
Real-Time: Enabling Data-Driven Decision Making Incapsula’s Real-Time view provides accurate visibility into Layer 7 traffic. Access to this live data enables data-driven decision making, as each piece of data can be leveraged into tactical action that enriches and supplements Incapsula’s automated DDoS Protection and Load Balancing solutions. Explore this new screen to uncover more view options, which will support you through a diverse array of security and server management scenarios…
Stay Safe

Recommandé

Op Manager7
Op Manager7Op Manager7
Op Manager7lfair
 
Apache kafka- Onkar Kadam
Apache kafka- Onkar KadamApache kafka- Onkar Kadam
Apache kafka- Onkar KadamOnkar Kadam
 
Server Monitoring 101
Server Monitoring 101Server Monitoring 101
Server Monitoring 101Shovon Paulinus Rozario
 
Realtime Detection of DDOS attacks using Apache Spark and MLLib
Realtime Detection of DDOS attacks using Apache Spark and MLLibRealtime Detection of DDOS attacks using Apache Spark and MLLib
Realtime Detection of DDOS attacks using Apache Spark and MLLibRyan Bosshart
 
Starbucks Digital Strategy NMDL
Starbucks Digital Strategy NMDLStarbucks Digital Strategy NMDL
Starbucks Digital Strategy NMDLEmily Bratcher
 
Apache Spark Streaming -Real time web server log analytics
Apache Spark Streaming -Real time web server log analyticsApache Spark Streaming -Real time web server log analytics
Apache Spark Streaming -Real time web server log analyticsANKIT GUPTA
 
Clickstream Analysis
Clickstream AnalysisClickstream Analysis
Clickstream Analysisintuitiv.de
 
"up.time" New Release from uptime software - May, 2010
"up.time" New Release from uptime software - May, 2010"up.time" New Release from uptime software - May, 2010
"up.time" New Release from uptime software - May, 2010guesta93734
 

Recommandé

Op Manager7
Op Manager7Op Manager7
Op Manager7lfair
 
Apache kafka- Onkar Kadam
Apache kafka- Onkar KadamApache kafka- Onkar Kadam
Apache kafka- Onkar KadamOnkar Kadam
 
Server Monitoring 101
Server Monitoring 101Server Monitoring 101
Server Monitoring 101Shovon Paulinus Rozario
 
Realtime Detection of DDOS attacks using Apache Spark and MLLib
Realtime Detection of DDOS attacks using Apache Spark and MLLibRealtime Detection of DDOS attacks using Apache Spark and MLLib
Realtime Detection of DDOS attacks using Apache Spark and MLLibRyan Bosshart
 
Starbucks Digital Strategy NMDL
Starbucks Digital Strategy NMDLStarbucks Digital Strategy NMDL
Starbucks Digital Strategy NMDLEmily Bratcher
 
Apache Spark Streaming -Real time web server log analytics
Apache Spark Streaming -Real time web server log analyticsApache Spark Streaming -Real time web server log analytics
Apache Spark Streaming -Real time web server log analyticsANKIT GUPTA
 
Clickstream Analysis
Clickstream AnalysisClickstream Analysis
Clickstream Analysisintuitiv.de
 
"up.time" New Release from uptime software - May, 2010
"up.time" New Release from uptime software - May, 2010"up.time" New Release from uptime software - May, 2010
"up.time" New Release from uptime software - May, 2010guesta93734
 
Lecture notes -001
Lecture notes -001Lecture notes -001
Lecture notes -001Eric Rotich
 
Netcool Impact docs
Netcool Impact docsNetcool Impact docs
Netcool Impact docsHIMANSHU GOYAL
 
20160316_tbk_bit_module7
20160316_tbk_bit_module720160316_tbk_bit_module7
20160316_tbk_bit_module7University of Twente
 
New Relic_Heroku_Presentation_Dreamforce11
New Relic_Heroku_Presentation_Dreamforce11New Relic_Heroku_Presentation_Dreamforce11
New Relic_Heroku_Presentation_Dreamforce11New Relic
 
Atlas Services Remote Analysis Report Sample
Atlas Services Remote Analysis Report SampleAtlas Services Remote Analysis Report Sample
Atlas Services Remote Analysis Report SampleExtraHop Networks
 
SampleChapter Operations Guide - J Currul
SampleChapter Operations Guide - J CurrulSampleChapter Operations Guide - J Currul
SampleChapter Operations Guide - J CurrulJim Currul
 
An Evaluators Guide To Net Flow Tracker
An Evaluators Guide To Net Flow TrackerAn Evaluators Guide To Net Flow Tracker
An Evaluators Guide To Net Flow Trackereegger
 
q4 w3 ICT 10.pptx
q4 w3 ICT 10.pptxq4 w3 ICT 10.pptx
q4 w3 ICT 10.pptxCrispinaRamirez
 
4
44
4aniketnimaje
 
Implementing Active Directory and Information Security Audit also VAPT in Fin...
Implementing Active Directory and Information Security Audit also VAPT in Fin...Implementing Active Directory and Information Security Audit also VAPT in Fin...
Implementing Active Directory and Information Security Audit also VAPT in Fin...KajolPatel17
 
The present and future of serverless observability (QCon London)
The present and future of serverless observability (QCon London)The present and future of serverless observability (QCon London)
The present and future of serverless observability (QCon London)Yan Cui
 
The present and future of Serverless observability
The present and future of Serverless observabilityThe present and future of Serverless observability
The present and future of Serverless observabilityYan Cui
 
The present and future of Serverless observability
The present and future of Serverless observabilityThe present and future of Serverless observability
The present and future of Serverless observabilityYan Cui
 
Cybersecurity breakfast tour 2013 (1)
Cybersecurity breakfast tour 2013 (1)Cybersecurity breakfast tour 2013 (1)
Cybersecurity breakfast tour 2013 (1)Infradata
 
Running Head System Proposal .docx
Running Head System Proposal .docxRunning Head System Proposal .docx
Running Head System Proposal .docxagnesdcarey33086
 
Privacy-preserving Crowd-sourced Statistical Data Publishing with An Untruste...
Privacy-preserving Crowd-sourced Statistical Data Publishing with An Untruste...Privacy-preserving Crowd-sourced Statistical Data Publishing with An Untruste...
Privacy-preserving Crowd-sourced Statistical Data Publishing with An Untruste...JAYAPRAKASH JPINFOTECH
 
Continuous Monitoring for Web Application Security
Continuous Monitoring for Web Application SecurityContinuous Monitoring for Web Application Security
Continuous Monitoring for Web Application SecurityCenzic
 
InfraStitch Software Presentation
InfraStitch Software PresentationInfraStitch Software Presentation
InfraStitch Software PresentationSwapan Deb
 
Big Data: Querying complex JSON data with BigInsights and Hadoop
Big Data: Querying complex JSON data with BigInsights and HadoopBig Data: Querying complex JSON data with BigInsights and Hadoop
Big Data: Querying complex JSON data with BigInsights and HadoopCynthia Saracco
 
Couchbase Chennai Meetup 2 - Big Data & Analytics
Couchbase Chennai Meetup 2 - Big Data & AnalyticsCouchbase Chennai Meetup 2 - Big Data & Analytics
Couchbase Chennai Meetup 2 - Big Data & AnalyticsRedBlackTree
 
D3TLV17- You have Incapsula...now what?
D3TLV17- You have Incapsula...now what?D3TLV17- You have Incapsula...now what?
D3TLV17- You have Incapsula...now what?Imperva Incapsula
 
D3TLV17- Keeping it Safe
D3TLV17- Keeping it SafeD3TLV17- Keeping it Safe
D3TLV17- Keeping it SafeImperva Incapsula
 

Contenu connexe

Similaire à Under DDoS: Instant Access to Live Information

Lecture notes -001
Lecture notes -001Lecture notes -001
Lecture notes -001Eric Rotich
 
New Relic_Heroku_Presentation_Dreamforce11
New Relic_Heroku_Presentation_Dreamforce11New Relic_Heroku_Presentation_Dreamforce11
New Relic_Heroku_Presentation_Dreamforce11New Relic
 
Atlas Services Remote Analysis Report Sample
Atlas Services Remote Analysis Report SampleAtlas Services Remote Analysis Report Sample
Atlas Services Remote Analysis Report SampleExtraHop Networks
 
SampleChapter Operations Guide - J Currul
SampleChapter Operations Guide - J CurrulSampleChapter Operations Guide - J Currul
SampleChapter Operations Guide - J CurrulJim Currul
 
An Evaluators Guide To Net Flow Tracker
An Evaluators Guide To Net Flow TrackerAn Evaluators Guide To Net Flow Tracker
An Evaluators Guide To Net Flow Trackereegger
 
Implementing Active Directory and Information Security Audit also VAPT in Fin...
Implementing Active Directory and Information Security Audit also VAPT in Fin...Implementing Active Directory and Information Security Audit also VAPT in Fin...
Implementing Active Directory and Information Security Audit also VAPT in Fin...KajolPatel17
 
The present and future of serverless observability (QCon London)
The present and future of serverless observability (QCon London)The present and future of serverless observability (QCon London)
The present and future of serverless observability (QCon London)Yan Cui
 
The present and future of Serverless observability
The present and future of Serverless observabilityThe present and future of Serverless observability
The present and future of Serverless observabilityYan Cui
 
The present and future of Serverless observability
The present and future of Serverless observabilityThe present and future of Serverless observability
The present and future of Serverless observabilityYan Cui
 
Cybersecurity breakfast tour 2013 (1)
Cybersecurity breakfast tour 2013 (1)Cybersecurity breakfast tour 2013 (1)
Cybersecurity breakfast tour 2013 (1)Infradata
 
Running Head System Proposal .docx
Running Head System Proposal .docxRunning Head System Proposal .docx
Running Head System Proposal .docxagnesdcarey33086
 
Privacy-preserving Crowd-sourced Statistical Data Publishing with An Untruste...
Privacy-preserving Crowd-sourced Statistical Data Publishing with An Untruste...Privacy-preserving Crowd-sourced Statistical Data Publishing with An Untruste...
Privacy-preserving Crowd-sourced Statistical Data Publishing with An Untruste...JAYAPRAKASH JPINFOTECH
 
Continuous Monitoring for Web Application Security
Continuous Monitoring for Web Application SecurityContinuous Monitoring for Web Application Security
Continuous Monitoring for Web Application SecurityCenzic
 
InfraStitch Software Presentation
InfraStitch Software PresentationInfraStitch Software Presentation
InfraStitch Software PresentationSwapan Deb
 
Big Data: Querying complex JSON data with BigInsights and Hadoop
Big Data: Querying complex JSON data with BigInsights and HadoopBig Data: Querying complex JSON data with BigInsights and Hadoop
Big Data: Querying complex JSON data with BigInsights and HadoopCynthia Saracco
 
Couchbase Chennai Meetup 2 - Big Data & Analytics
Couchbase Chennai Meetup 2 - Big Data & AnalyticsCouchbase Chennai Meetup 2 - Big Data & Analytics
Couchbase Chennai Meetup 2 - Big Data & AnalyticsRedBlackTree
 

Similaire à Under DDoS: Instant Access to Live Information (20)

Lecture notes -001
Lecture notes -001Lecture notes -001
Lecture notes -001
 
Netcool Impact docs
Netcool Impact docsNetcool Impact docs
Netcool Impact docs
 
20160316_tbk_bit_module7
20160316_tbk_bit_module720160316_tbk_bit_module7
20160316_tbk_bit_module7
 
New Relic_Heroku_Presentation_Dreamforce11
New Relic_Heroku_Presentation_Dreamforce11New Relic_Heroku_Presentation_Dreamforce11
New Relic_Heroku_Presentation_Dreamforce11
 
Atlas Services Remote Analysis Report Sample
Atlas Services Remote Analysis Report SampleAtlas Services Remote Analysis Report Sample
Atlas Services Remote Analysis Report Sample
 
SampleChapter Operations Guide - J Currul
SampleChapter Operations Guide - J CurrulSampleChapter Operations Guide - J Currul
SampleChapter Operations Guide - J Currul
 
An Evaluators Guide To Net Flow Tracker
An Evaluators Guide To Net Flow TrackerAn Evaluators Guide To Net Flow Tracker
An Evaluators Guide To Net Flow Tracker
 
q4 w3 ICT 10.pptx
q4 w3 ICT 10.pptxq4 w3 ICT 10.pptx
q4 w3 ICT 10.pptx
 
4
44
4
 
Implementing Active Directory and Information Security Audit also VAPT in Fin...
Implementing Active Directory and Information Security Audit also VAPT in Fin...Implementing Active Directory and Information Security Audit also VAPT in Fin...
Implementing Active Directory and Information Security Audit also VAPT in Fin...
 
The present and future of serverless observability (QCon London)
The present and future of serverless observability (QCon London)The present and future of serverless observability (QCon London)
The present and future of serverless observability (QCon London)
 
The present and future of Serverless observability
The present and future of Serverless observabilityThe present and future of Serverless observability
The present and future of Serverless observability
 
The present and future of Serverless observability
The present and future of Serverless observabilityThe present and future of Serverless observability
The present and future of Serverless observability
 
Cybersecurity breakfast tour 2013 (1)
Cybersecurity breakfast tour 2013 (1)Cybersecurity breakfast tour 2013 (1)
Cybersecurity breakfast tour 2013 (1)
 
Running Head System Proposal .docx
Running Head System Proposal .docxRunning Head System Proposal .docx
Running Head System Proposal .docx
 
Privacy-preserving Crowd-sourced Statistical Data Publishing with An Untruste...
Privacy-preserving Crowd-sourced Statistical Data Publishing with An Untruste...Privacy-preserving Crowd-sourced Statistical Data Publishing with An Untruste...
Privacy-preserving Crowd-sourced Statistical Data Publishing with An Untruste...
 
Continuous Monitoring for Web Application Security
Continuous Monitoring for Web Application SecurityContinuous Monitoring for Web Application Security
Continuous Monitoring for Web Application Security
 
InfraStitch Software Presentation
InfraStitch Software PresentationInfraStitch Software Presentation
InfraStitch Software Presentation
 
Big Data: Querying complex JSON data with BigInsights and Hadoop
Big Data: Querying complex JSON data with BigInsights and HadoopBig Data: Querying complex JSON data with BigInsights and Hadoop
Big Data: Querying complex JSON data with BigInsights and Hadoop
 
Couchbase Chennai Meetup 2 - Big Data & Analytics
Couchbase Chennai Meetup 2 - Big Data & AnalyticsCouchbase Chennai Meetup 2 - Big Data & Analytics
Couchbase Chennai Meetup 2 - Big Data & Analytics
 

Plus de Imperva Incapsula

D3TLV17- You have Incapsula...now what?
D3TLV17- You have Incapsula...now what?D3TLV17- You have Incapsula...now what?
D3TLV17- You have Incapsula...now what?Imperva Incapsula
 
D3TLV17- The Incapsula WAF: Your Best Line of Denfense Against Application La...
D3TLV17- The Incapsula WAF: Your Best Line of Denfense Against Application La...D3TLV17- The Incapsula WAF: Your Best Line of Denfense Against Application La...
D3TLV17- The Incapsula WAF: Your Best Line of Denfense Against Application La...Imperva Incapsula
 
D3TLV17- Advanced DDoS Mitigation Techniques
D3TLV17- Advanced DDoS Mitigation TechniquesD3TLV17- Advanced DDoS Mitigation Techniques
D3TLV17- Advanced DDoS Mitigation TechniquesImperva Incapsula
 
D3LDN17 - Recruiting the Browser
D3LDN17 - Recruiting the BrowserD3LDN17 - Recruiting the Browser
D3LDN17 - Recruiting the BrowserImperva Incapsula
 
D3LDN17 - A Pragmatists Guide to DDoS Mitigation
D3LDN17 - A Pragmatists Guide to DDoS MitigationD3LDN17 - A Pragmatists Guide to DDoS Mitigation
D3LDN17 - A Pragmatists Guide to DDoS MitigationImperva Incapsula
 
D3NY17- Customizing Incapsula to Accommodate Single Sign-On
D3NY17- Customizing Incapsula to Accommodate Single Sign-OnD3NY17- Customizing Incapsula to Accommodate Single Sign-On
D3NY17- Customizing Incapsula to Accommodate Single Sign-OnImperva Incapsula
 
D3NY17 - Migrating to the Cloud
D3NY17 - Migrating to the CloudD3NY17 - Migrating to the Cloud
D3NY17 - Migrating to the CloudImperva Incapsula
 
D3NY17- Using IncapRules to Customize Security
D3NY17- Using IncapRules to Customize SecurityD3NY17- Using IncapRules to Customize Security
D3NY17- Using IncapRules to Customize SecurityImperva Incapsula
 
D3SF17- Using Incap Rules to Customize Your Security and Access Control
D3SF17- Using Incap Rules to Customize Your Security and Access ControlD3SF17- Using Incap Rules to Customize Your Security and Access Control
D3SF17- Using Incap Rules to Customize Your Security and Access ControlImperva Incapsula
 
D3SF17- Boost Your Website Performance with Application Delivery Rules
D3SF17- Boost Your Website Performance with Application Delivery RulesD3SF17- Boost Your Website Performance with Application Delivery Rules
D3SF17- Boost Your Website Performance with Application Delivery RulesImperva Incapsula
 
D3SF17- A Single Source of Truth for Security Issues- Pushing Siem Logs to Cl...
D3SF17- A Single Source of Truth for Security Issues- Pushing Siem Logs to Cl...D3SF17- A Single Source of Truth for Security Issues- Pushing Siem Logs to Cl...
D3SF17- A Single Source of Truth for Security Issues- Pushing Siem Logs to Cl...Imperva Incapsula
 
D3SF17- Improving Our China Clients Performance
D3SF17- Improving Our China Clients PerformanceD3SF17- Improving Our China Clients Performance
D3SF17- Improving Our China Clients PerformanceImperva Incapsula
 
D3SF17- Migrating to the Cloud 5- Years' Worth of Lessons Learned
D3SF17- Migrating to the Cloud 5- Years' Worth of Lessons LearnedD3SF17- Migrating to the Cloud 5- Years' Worth of Lessons Learned
D3SF17- Migrating to the Cloud 5- Years' Worth of Lessons LearnedImperva Incapsula
 
D3SF17 -Keynote - Staying Ahead of the Curve
D3SF17 -Keynote - Staying Ahead of the CurveD3SF17 -Keynote - Staying Ahead of the Curve
D3SF17 -Keynote - Staying Ahead of the CurveImperva Incapsula
 
E-commerce Optimization: Using Load Balancing and CDN to Improve Website Perf...
E-commerce Optimization: Using Load Balancing and CDN to Improve Website Perf...E-commerce Optimization: Using Load Balancing and CDN to Improve Website Perf...
E-commerce Optimization: Using Load Balancing and CDN to Improve Website Perf...Imperva Incapsula
 
Protect Your Assets with Single IP DDoS Protection
Protect Your Assets with Single IP DDoS ProtectionProtect Your Assets with Single IP DDoS Protection
Protect Your Assets with Single IP DDoS ProtectionImperva Incapsula
 
[Webinar] DDoS Pentester Reveals: How Hackers Find Your Website’s Weak Points...
[Webinar] DDoS Pentester Reveals: How Hackers Find Your Website’s Weak Points...[Webinar] DDoS Pentester Reveals: How Hackers Find Your Website’s Weak Points...
[Webinar] DDoS Pentester Reveals: How Hackers Find Your Website’s Weak Points...Imperva Incapsula
 
An Inside Look at a Sophisticated Multi-Vector DDoS Attack
An Inside Look at a Sophisticated Multi-Vector DDoS AttackAn Inside Look at a Sophisticated Multi-Vector DDoS Attack
An Inside Look at a Sophisticated Multi-Vector DDoS AttackImperva Incapsula
 

Plus de Imperva Incapsula (20)

D3TLV17- You have Incapsula...now what?
D3TLV17- You have Incapsula...now what?D3TLV17- You have Incapsula...now what?
D3TLV17- You have Incapsula...now what?
 
D3TLV17- Keeping it Safe
D3TLV17- Keeping it SafeD3TLV17- Keeping it Safe
D3TLV17- Keeping it Safe
 
D3TLV17- The Incapsula WAF: Your Best Line of Denfense Against Application La...
D3TLV17- The Incapsula WAF: Your Best Line of Denfense Against Application La...D3TLV17- The Incapsula WAF: Your Best Line of Denfense Against Application La...
D3TLV17- The Incapsula WAF: Your Best Line of Denfense Against Application La...
 
D3TLV17- Advanced DDoS Mitigation Techniques
D3TLV17- Advanced DDoS Mitigation TechniquesD3TLV17- Advanced DDoS Mitigation Techniques
D3TLV17- Advanced DDoS Mitigation Techniques
 
D3LDN17 - Recruiting the Browser
D3LDN17 - Recruiting the BrowserD3LDN17 - Recruiting the Browser
D3LDN17 - Recruiting the Browser
 
D3LDN17 - A Pragmatists Guide to DDoS Mitigation
D3LDN17 - A Pragmatists Guide to DDoS MitigationD3LDN17 - A Pragmatists Guide to DDoS Mitigation
D3LDN17 - A Pragmatists Guide to DDoS Mitigation
 
D3LDN17 - Keynote
D3LDN17 - KeynoteD3LDN17 - Keynote
D3LDN17 - Keynote
 
D3NY17- Customizing Incapsula to Accommodate Single Sign-On
D3NY17- Customizing Incapsula to Accommodate Single Sign-OnD3NY17- Customizing Incapsula to Accommodate Single Sign-On
D3NY17- Customizing Incapsula to Accommodate Single Sign-On
 
D3NY17 - Migrating to the Cloud
D3NY17 - Migrating to the CloudD3NY17 - Migrating to the Cloud
D3NY17 - Migrating to the Cloud
 
D3NY17- Using IncapRules to Customize Security
D3NY17- Using IncapRules to Customize SecurityD3NY17- Using IncapRules to Customize Security
D3NY17- Using IncapRules to Customize Security
 
D3SF17- Using Incap Rules to Customize Your Security and Access Control
D3SF17- Using Incap Rules to Customize Your Security and Access ControlD3SF17- Using Incap Rules to Customize Your Security and Access Control
D3SF17- Using Incap Rules to Customize Your Security and Access Control
 
D3SF17- Boost Your Website Performance with Application Delivery Rules
D3SF17- Boost Your Website Performance with Application Delivery RulesD3SF17- Boost Your Website Performance with Application Delivery Rules
D3SF17- Boost Your Website Performance with Application Delivery Rules
 
D3SF17- A Single Source of Truth for Security Issues- Pushing Siem Logs to Cl...
D3SF17- A Single Source of Truth for Security Issues- Pushing Siem Logs to Cl...D3SF17- A Single Source of Truth for Security Issues- Pushing Siem Logs to Cl...
D3SF17- A Single Source of Truth for Security Issues- Pushing Siem Logs to Cl...
 
D3SF17- Improving Our China Clients Performance
D3SF17- Improving Our China Clients PerformanceD3SF17- Improving Our China Clients Performance
D3SF17- Improving Our China Clients Performance
 
D3SF17- Migrating to the Cloud 5- Years' Worth of Lessons Learned
D3SF17- Migrating to the Cloud 5- Years' Worth of Lessons LearnedD3SF17- Migrating to the Cloud 5- Years' Worth of Lessons Learned
D3SF17- Migrating to the Cloud 5- Years' Worth of Lessons Learned
 
D3SF17 -Keynote - Staying Ahead of the Curve
D3SF17 -Keynote - Staying Ahead of the CurveD3SF17 -Keynote - Staying Ahead of the Curve
D3SF17 -Keynote - Staying Ahead of the Curve
 
E-commerce Optimization: Using Load Balancing and CDN to Improve Website Perf...
E-commerce Optimization: Using Load Balancing and CDN to Improve Website Perf...E-commerce Optimization: Using Load Balancing and CDN to Improve Website Perf...
E-commerce Optimization: Using Load Balancing and CDN to Improve Website Perf...
 
Protect Your Assets with Single IP DDoS Protection
Protect Your Assets with Single IP DDoS ProtectionProtect Your Assets with Single IP DDoS Protection
Protect Your Assets with Single IP DDoS Protection
 
[Webinar] DDoS Pentester Reveals: How Hackers Find Your Website’s Weak Points...
[Webinar] DDoS Pentester Reveals: How Hackers Find Your Website’s Weak Points...[Webinar] DDoS Pentester Reveals: How Hackers Find Your Website’s Weak Points...
[Webinar] DDoS Pentester Reveals: How Hackers Find Your Website’s Weak Points...
 
An Inside Look at a Sophisticated Multi-Vector DDoS Attack
An Inside Look at a Sophisticated Multi-Vector DDoS AttackAn Inside Look at a Sophisticated Multi-Vector DDoS Attack
An Inside Look at a Sophisticated Multi-Vector DDoS Attack
 

Dernier

Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebUiPathCommunity
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsSergiu Bodiu
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Scott Keck-Warren
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Commit University
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfAddepto
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxNavinnSomaal
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii SoldatenkoFwdays
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.Curtis Poe
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brandgvaughan
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfAlex Barbosa Coqueiro
 
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo DayH2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo DaySri Ambati
 
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Enterprise Knowledge
 
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfHyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfPrecisely
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024Lonnie McRorey
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024Lorenzo Miniero
 
Story boards and shot lists for my a level piece
Story boards and shot lists for my a level pieceStory boards and shot lists for my a level piece
Story boards and shot lists for my a level piececharlottematthew16
 
DSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningDSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningLars Bell
 
Commit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyCommit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyAlfredo García Lavilla
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsMark Billinghurst
 
Search Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdfSearch Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdfRankYa
 

Dernier (20)

Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio Web
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platforms
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdf
 
SAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptxSAP Build Work Zone - Overview L2-L3.pptx
SAP Build Work Zone - Overview L2-L3.pptx
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brand
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdf
 
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo DayH2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
 
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024
 
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdfHyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
Hyperautomation and AI/ML: A Strategy for Digital Transformation Success.pdf
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024
 
SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024SIP trunking in Janus @ Kamailio World 2024
SIP trunking in Janus @ Kamailio World 2024
 
Story boards and shot lists for my a level piece
Story boards and shot lists for my a level pieceStory boards and shot lists for my a level piece
Story boards and shot lists for my a level piece
 
DSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine TuningDSPy a system for AI to Write Prompts and Do Fine Tuning
DSPy a system for AI to Write Prompts and Do Fine Tuning
 
Commit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyCommit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easy
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
 
Search Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdfSearch Engine Optimization SEO PDF for 2024.pdf
Search Engine Optimization SEO PDF for 2024.pdf
 

Under DDoS: Instant Access to Live Information

  • 1. Real-Time Event Monitoring Under DDoS: Instant Access to Live Information Disclaimer: The following is a description of an actual DDoS attack against one of Incapsula’s clients. To demonstrate Incapsula’s new Real-Time reporting capabilities, this presentation makes use of an actual screenshots and data from that event. Some facts, like IP and URL addresses, were altered to preserve anonymity.
  • 2. Incapsula Maximum Security, Performance & Availability Through an application-aware Global CDN platform, Incapsula provides any website and web application with best-of-breed Security, DDoS Protection, Load Balancing & Failover solutions. Incapsula’s Real-Time Event Monitoring feature support all of these services by providing Accurate Visibility of Layer 7 Traffic Flow. --------------------------------------------------------------------------------------------------------------------------------------- The following presentation uses data from an actual DDoS attack to demonstrate some of the more typical uses and benefits of Incapsula’s Real-Time Event Monitoring capabilities.
  • 3. It Starts with an Email Alert… 12:25:36 PM The event starts with an email alert, reporting on a suspicious activity on our client’s site. Incapsula’s Automated DDoS Protection was activated. Right now, the site is under attack.
  • 4. Real-Time: First Evaluation 12:26:02 PM Incapsula’s Real-Time Monitoring is the next “go-to” spot. • Immediately you can see that Incapsula is blocking 515 malicious HTTP requests per second, which amount to 86% of all incoming traffic. • You can also see that response times of your servers are slightly higher than usual.
  • 5. Real-Time: Servers’ Health & Activity 12:26:07 PM Using one of the available view options, you can now drill down to get a better picture of server health and load distribution. Both servers are active and the load distribution is even, which is good. The next step is to get more information about the DDoS offenders…
  • 6. Real-Time: DDoS Offenders’ Identity 12:26:13 PM The Session Report shown here provides you with the information you need. You notice a suspiciously large chunk of traffic from outside the US. There is also an abnormally high percentage of “Firefox” visitors. Although they use browser user-agents, it looks like not all of them support JS or Cookies.
  • 7. Real-Time: Tracking of Attackers’ Movement 12:26:27 PM The adjusted More button provides you with additional information about the offenders’ activity. When you use it to review the latest blocked sessions, you notice that they all share the same Entry Point; “/blog/” - an inactive, auto-generated, URL.
  • 8. Real-Time: List of Attacking IPs 12:26:33 PM By filtering the data stream to show only the Blocked traffic, you also get instant views of the Top 5 attacking IPs. The full list is accessible as well, with a click on the More button.
  • 9. Real-Time: Instant Access to Live Actionable Data Incapsula’s Real-Time Monitoring efficiently provides access to the most recent information about security events, incoming traffic and servers’ activity. In this case, literally in a matter of seconds, the website’s operator was able to collect all of the information he needed to understand and react to the attack, including: • Information about malicious traffic volumes • Information about the attack’s impact on availability • Status report of origin server health • Overview of server load distribution • Updated list of the spoofed user-agents • Latest information about the attacker’s point-of-entry • Updated list of attacking IPs
  • 10. Real-Time: Enabling Data-Driven Decision Making Incapsula’s Real-Time view provides accurate visibility into Layer 7 traffic. Access to this live data enables data-driven decision making, as each piece of data can be leveraged into tactical action that enriches and supplements Incapsula’s automated DDoS Protection and Load Balancing solutions. Explore this new screen to uncover more view options, which will support you through a diverse array of security and server management scenarios…