2012 Global Application and Network Security Report

•Download as PPTX, PDF•

2 likes•1,052 views

Prepared by Radware’s Emergency Response Team (ERT), 2012 Global Application and Network Security Report highlights server-based botnets and encrypted layer attacks as just two of the new attack tools challenging organizations during DDoS attacks. Most recently, these tactics were leveraged by perpetrators in the attacks against U.S. financial institutions that have been ongoing since September 2012.

Radware 2012 Global Application &
Network Security Report

January 2013

AGENDA

About 2012 Global Security Report
Key Findings & Trends
Attack Tools Trend
Recommendations

Information Resources

• Industry Security Survey • ERT Cases
– External survey – Internal survey
– 179 participants – Unique visibility into attack
– 95.5% are not using behavior
Radware DoS mitigation – 95 selected cases
solutions • Customer identity remains
undisclosed

ERT gets to see attacks in
real-time on daily basis

3

Organizations Bring a Knife to a Gunfight

• “Someone who brings a knife to a gun fight”
– Organizations who do prepare for the fight, but do not
understand its true nature

• Organizations today are like that
– They do invest in security before the attack starts, and conduct
excellent forensics after it is over
– However, there is one critical blind-spot – they don't have the
capabilities or resources to sustain a long, complicated attack
campaign.

• Attackers target this blind spot!

5

Attacked in 2012

They had the budget.
They made the investment.
And yet they went offline.

6

Organizations Deploy Two-phase Security Approach

7

How Likely is It That Your Organization Will Be Attacked?

13

Entities That Are The Bottlenecks in DoS Attacks

16

HTTPS Based Attacks

• HTTPS based attacks are on the rise
• SSL traffic is not terminated by DDoS Cloud scrubbers or DDoS solutions
• SSL traffic is terminated by ADC or by the web server
• SSL attacks hit their target and bypass security solutions

22

Attacks Evade CDN Service

GET Legitimate requests
www.example.com are refused

Legitimate users

Internet Backend Webserver
• In recent cyber attacks, the CDN was easily bypassed
GET changing the page request in every Web
by
transaction
www.example.com/?[Random]

Botnet • These random request techniques forced CDNs to
“raise the curtain”
– All the attack traffic is disembarked directly to the
customer premise
– More difficult to mitigate attacks masked by CDN CDN service

24

Servers Enlisted to the Botnets Army

• In 2012 a dramatic change occurred in the DDoS
landscape
• Attackers build and activate Botnets of powerful servers to
achieve:
– Greater firepower - x100 higher bandwidth capacity vs. home PC
– Greater reliability - servers are always online
– Greater control – fewer machine to control vs. botnet of PCs

25

Attackers Are Well Prepared

• Attackers plan and run attacks on a regular basis
• Turning DDoS attacks into their profession
• Organizations face attacks a few times per year
• Too limited experience to build the required “know how”

28

Conclusions

• Today’s attacks are different:
– Carefully planned
– Last days or weeks
– Switching between attack vectors

• Organizations are ready to fight yesterdays’ attacks:
– Deploy security solutions that can absorb the first strike
– But when attacks prolong - they have very limited gunfire
– By the time they succeed blocking the first two attack vectors,
attackers switch to a third, more powerful one

29

Recommendations

• Acquire capabilities to sustain long attacks
• Train a team that is ready to respond to persistent attacks
• Deploy the most up-to-date methodologies and tools
• 24 x 7 availability to respond to attacks
• Deploy counterattack techniques to cripple an attack

30

What's hot

Responding to and recovering from sophisticated security attacks

IBM

Managing Insider Risk

Phil Huggins FBCS CITP

201408 fire eye korea user event press roundtable

JunSeok Seo

Cyber Incident Response Team - NIMS - Public Comment

David Sweigert

Denial Of Service Attacks (1)

Waheb Samaraie

2012 Reenergize the Americas 3B: Charles Hamilton

Reenergize

CSIRT_16_Jun

Candan BOLUKBAS

The Economics of Cyber Security

John Gilligan

Iso27001 Risk Assessment Approach

tschraider

Dr. Daniel M. Gerstein has served as the Deputy Under Secretary for Science & Technology in the Department of Homeland Security since August 2011. He is also an Adjunct Professor at American University in Washington, DC at the School of International Service (SIS) where he teaches graduate level courses on biological warfare and the evolution of military thought. Dr. Gerstein has extensive experience in the security and defense sectors in a variety of positions while serving as a Senior Executive Service (SES) government civilian, in uniform, and in industry. Before joining DHS, he served as the Principal Director for Countering Weapons of Mass Destruction (WMD) within the Office of the Secretary of Defense (Policy). He has served on four different continents participating in homeland security and counterterrorism, peacekeeping, humanitarian assistance, and combat in addition to serving for over a decade in the Pentagon in various high level staff assignments. Following retirement from active duty, Dr. Gerstein joined L-3 Communications as Vice President for Homeland Security Services, leading an organization providing WMD preparedness and response, critical infrastructure security, emergency response capacity, and exercise support to U.S. and international customers. Dr. Gerstein also has extensive experience in international negotiations having served on the Holbrooke Delegation that negotiated the peace settlement in Bosnia, developed and analyzed negotiating positions for the Conventional Armed Forces in Europe (CFE) talks, and developed an initiative to improve cross border communications between Colombia and neighboring Andean Ridge nations. Additionally, Dr. Gerstein led an initiative to develop a comprehensive biosurveillance system for the Department of Defense (2010-2011), served on the leadership team for the Project for National Security Reform (PNSR) which was charged with developing a new national security act to reflect the changing security environment (2007-2008), co-led the Secretary of the Army’s Transition Team (2004-2005), and led the Army’s most comprehensive restructuring since World War II (2000-2001). He has been awarded numerous military and civilian awards including an award from the Government of Colombia, the Department of State’s Distinguished Service Award, and the U.S. Army Soldiers Medal for heroism. He has published numerous books and articles on national security, biological warfare, and information technology including Bioterror in the 21st Century (Naval Institute Press, October 2009), ICMA Report: Planning for a Pandemic (ICMA Press, Volume 39/Number 3 2007), Securing America’s Future: National Strategy in the Information Age (Praeger Security International, September 2005); Leading at the Speed of Light (Potomac Books, November 2006); Assignment Pentagon (Potomac Books, May 2007). He has also served as a fellow at the Council on Foreign Relations and is a current member.

Insight Session with Dr. Daniel Gerstein, Deputy Under Secretary, S&T, DHS

Government Technology and Services Coalition

Building CSIRT and its competency

Didik Partono Rudiarto

Top Level Cyber Security Strategy

John Gilligan

Setting up CSIRT

APNIC

Vendor Cybersecurity Governance: Scaling the risk

Sarah Clarke

Adequate securitynew1404.019

Wivenhoe Management Group

Join us on our upcoming BYOP (Bring Your Own Pizza) "Application Security Meetup" to hear about the latest cyber security breaches, trends and technologies in modern application development. Agenda: 17:00 - 17:10 - Opening words - by Lior Mazor (Organizer) 17:10 - 17:35 - 'Recent cyber security attacks in Israel' - by Lior Mazor (Organizer) 17:35 - 18:00 - ‘How to deliver a secure product’ - by Michael Furman (Tufin) 18:00 - 18:30 - 'Hacking serverless - Introduction to Serverless Application Security' - by Yossi Shenhav (Komodo) 18:30-19:00 - ‘Post Apocalypse: Exploiting web messaging implementations’ - by Chen Gour-Arie (enso security)

Application security meetup 27012021

lior mazor

Security Analytics Beyond Cyber

Phil Huggins FBCS CITP

Case Study: WoW Warlords of Draenor Launch - Risk Management

Alison Riith

To improve your (threat) modeling career, you need a better (threat) agent (library)! Threat modeling is a process for capturing, organizing, and analyzing the security of a system based on the perspective of a threat agent. Threat modeling enables informed decision-making about application security risk. In addition to producing a model, typical threat modeling efforts also produce a prioritized list of security improvements to the concept, requirements, design, or implementation. In 2009, OWASP posted wiki pages on threat modeling. Although there was the start of a section on threat agents, it has yet to be completed. Intel developed a unique standardized threat agent library (TAL) that provides a consistent, up-to-date reference describing the human agents (AKA; threat actors) that pose threats to IT systems and other information assets. Instead of picking threat agents based on vendor recommendations and space requirements in Powerpoint, the TAL produces a repeatable, yet flexible enough for a range of risk assessment uses. We will cover both the TAL, the Threat Agent Risk Assessment (TARA), how they can be used to improve threat modeling. Speaker Eric Jernigan Information Security Architect, Umpqua Bank

Using the Threat Agent Library to improve threat modeling

Eric Jernigan MSIA, CISSP, CISM, CRISC

Weaponised Malware & APT Attacks: Protect Against Next-Generation Threats The weaponisation of software has ushered in a new era of cyber attacks. But with 99% of organizations not prepared for this new front line of cyber-warfare, what does this spell for your business? • Gain a detailed overview of the next generation of threats out there • Understand how to detect key threats and attacks before they develop a stranglehold on your business • Implement the right integrated strategy to keep you safe from cybercriminals on today’s front line

Weaponised Malware & APT Attacks: Protect Against Next-Generation Threats

Lumension

What's hot (20)

Responding to and recovering from sophisticated security attacks

Managing Insider Risk

201408 fire eye korea user event press roundtable

Cyber Incident Response Team - NIMS - Public Comment

Denial Of Service Attacks (1)

2012 Reenergize the Americas 3B: Charles Hamilton

CSIRT_16_Jun

The Economics of Cyber Security

Iso27001 Risk Assessment Approach

Insight Session with Dr. Daniel Gerstein, Deputy Under Secretary, S&T, DHS

Building CSIRT and its competency

Top Level Cyber Security Strategy

Setting up CSIRT

Vendor Cybersecurity Governance: Scaling the risk

Adequate securitynew1404.019

Application security meetup 27012021

Security Analytics Beyond Cyber

Case Study: WoW Warlords of Draenor Launch - Risk Management

Using the Threat Agent Library to improve threat modeling

Weaponised Malware & APT Attacks: Protect Against Next-Generation Threats

Viewers also liked

2011 Global Application and Network Security Report

Radware

In the Line of Fire - The Morphology of Cyber-Attacks

Radware

An Important Notice About Shellshock Bash Protection Since the news about “Shellshock Bash” vulnerabilities came out, we have been working around the clock to ensure our customers and partners are getting the best solutions from us. We have published this Shellshock Security Advisory, which will help protect your business with: • Two IPS signatures that can be used by DefensePro to block the vulnerability • Recommendations provided by Radware’s Emergency Response Team (ERT) that can be applied immediately • Recommended reference sources and vendor information Radware's team of cyber-security experts is available to our customers, 24/7. Contact us if you require immediate support for this vulnerability. We assure you that we continue to closely monitor the situation in order to ensure we provide you with the best cyber-attack protection mechanisms.

Radware ERT Threat Alert: Shellshock Bash

Radware

In the Line of Fire-the Morphology of Cyber Attacks

Radware

The enterprise perimeter is disappearing. Migration to the cloud means a more distributed network infrastructure. Transition of web based applications to the cloud renders on premise mitigation tools ineffective against web attacks and requires organizations to protect applications both on premise and in-the-cloud. Introducing Radware's Hybrid Cloud WAF Service - a fully-managed, always on service that integrates cloud-based with on premise protection against a broad range of attack vectors. Visit here http://www.radware.com/social/hybridcloudwaf/ to read "The Dawn of Hybrid Cloud WAF" and to learn how the industry's first hybrid cloud-based WAF service addresses today's most challenging web-based cyber-attacks.

Radware Hybrid Cloud WAF Service

Radware

Briefing on Recent US Bank Attacks and 2012 Attack Trends

Radware

SecureWorld: Information Security Adaption: Survival In An Evolving Threat L...

Radware

Eventually, every website fails. If it's a household-name site like Amazon, then news of that failure gets around faster than a rocket full of monkeys. That's because downtime hurts. As a for-instance, in 2013 Amazon suffered a 40-minute outage that allegedly cost the company $5 million in lost sales. That's a big number, and everybody loves big numbers. But when it comes to performance-related losses, is it the biggest number? In this presentation from the CMG Performance and Capacity 2014 conference, Radware Web Performance Expert Tammy Everts reviews real-world examples that compare the cost of site slowdowns versus outages. We also talk about how to overcome the challenges of creating as much urgency around the topic of slow time as there is around the topic of downtime.

The Real Cost of Slow Time vs Downtime

Radware

DDoS Threat Landscape - Ron Winward CHINOG16

Radware

Is the world in the midst of a cyber-war? If so, what are the implications? In this presentation Carl Herberger, Radware's VP of Security Solutions, explores some of the most notable recent cyber-attacks and how many of the findings correlate with the tenets of warfare as defined in The Art of War by Sun Tzu, the ancient military general, strategist and tactician. How should organizations be preparing for an information security landscape that is shaped by ideologically motivated cyber warfare rather than just opportunistic cyber-crime? Learn the techniques being employed to safeguard IT operations in a theatre that is witnessing ever more sophisticated attacks. For more on how to help detect, mitigate and win this cyber war battle, visit here: http://www.radware.com/ert-report-2013/ to download the 2013 Global Application and Network Security Report.

The Art of Cyber War: Cyber Security Strategies in a Rapidly Evolving Theatre

Radware

Viewers also liked (10)

2011 Global Application and Network Security Report

In the Line of Fire - The Morphology of Cyber-Attacks

Radware ERT Threat Alert: Shellshock Bash

In the Line of Fire-the Morphology of Cyber Attacks

Radware Hybrid Cloud WAF Service

Briefing on Recent US Bank Attacks and 2012 Attack Trends

SecureWorld: Information Security Adaption: Survival In An Evolving Threat L...

The Real Cost of Slow Time vs Downtime

DDoS Threat Landscape - Ron Winward CHINOG16

The Art of Cyber War: Cyber Security Strategies in a Rapidly Evolving Theatre

Similar to 2012 Global Application and Network Security Report

The Cyber Attack landscape is evolving with new attack vectors and dangerous trends that can affect the security of your business. Some attacks can take only minutes to complete, yet months to be discovered. Determine your attack risk and learn what to look for in a quality cyber attack defense. Please visit here: http://www.radware.com/social/amn/ for information on Radware's AMN (Attack Mitigation Network.

Cyber Attack Survival: Are You Ready?

Radware

Nearly half of those businesses who suffered a DDoS attack in 2014 saw their organization taken completely offline. Why? Because over 80% of DDoS attacks are now multi-vector, striking the application layer and the network layer simultaneously, and often dragging on for days. During this webinar, Paul Mazzucco, TierPoint's Chief Security Officer, describes how these multi-vector DDoS attacks are being perpetrated and what you can do to mitigate against these complex intrusions.

Tierpoint webinar: Multi-vector DDoS attacks: detection and mitigation_Jan2016

TierPoint

In order to effectively defend your organization, you must think about the offensive strategy as well. But before we get ahead of ourselves let’s talk briefly about the building blocks of a good offense. First is an architecture that is built around a security policy that is aligned with the business risk. Risk must be understood and a cookie cutter approach must be avoided here because again every organization is different and so are their risks.

Threat Hunting - Moving from the ad hoc to the formal

Priyanka Aash

Navigating the Web Security Landscape

Banff Cyber Technologies

Check Point Ddos protector

Group of company MUK

Join this webinar with guest speaker Romain Fouchereau, Manager of the Security Appliance Program, European Systems and Infrastructure Solutions at IDC and Cloudflare, recently named a Leader in the IDC MarketScape: Worldwide DDoS Prevention Solutions 2019 Vendor Assessment (Doc #US43699318, March 2019). In this webinar, you will learn: - Why defending against only volumetric layer 3 and 4 attacks will leave you vulnerable to other emerging DDoS attack vectors - What economic and technological shifts are making DDoS more harmful and more evasive - Why bot management should be considered in every DDoS mitigation strategy - Which types of companies in EMEA are highly targeted and why

The Morphing DDoS and Bot Landscape: Featuring Guest Speaker from IDC

Cloudflare

Security professionals have years of experience logging and tracking network security events to identify unauthorized or malicious activity on a corporate network. Unfortunately, many of today's attacks are focused on the application layer, where the fidelity of logging for security events is less robust. Most application logs are typically used to see errors and failures and the internal state of the system, not events that might be interesting from a security perspective. Security practitioners are concerned with understanding patterns of user behavior and, in the event of an attack, being able to see an entire user’s session. How are application events different from network events? What type of information should security practitioners ensure software developers log for event analysis? What are the types of technologies that enable application-level logging and analysis? In this presentation, John Dickson will discuss what should be present in application logs to help understand threats and attacks, and better guard against them.

Top Strategies to Capture Security Intelligence for Applications

Denim Group

Join this webinar with guest speaker Christopher Rodriguez, Research Manager of Cybersecurity Products for IDC and Cloudflare, recently named a Leader in the IDC MarketScape: Worldwide DDoS Prevention Solutions 2019 Vendor Assessment (Doc #US43699318, March 2019). In this webinar, you will learn: - Why defending against only volumetric layer 3 and 4 attacks will leave you vulnerable to other emerging DDoS attack vectors - What economic and technological shifts are making DDoS more harmful and more evasive - Why bot management should be considered in every DDoS mitigation strategy - Which types of companies in North America are highly targeted and why

Defending Threats Beyond DDoS Attacks: Featuring Guest Speaker from IDC

Cloudflare

Sprawling networks, streaming vendor vulnerability updates, and an application portfolio that remains a mystery keep you up late wondering where your weakest link exists. Budget constraints make you wonder where to begin, given that the responsibility to protect your organization remains firmly on your shoulders. How do savvy leaders identify the most pressing exposures and prioritize their efforts given limited budgets? What are the strategies that sophisticated IT and security leaders pursue to identify the scariest vulnerabilities and fix them before attackers find them? This session will lay out actionable plans to immediately identify and reduce more of your organization’s attack surface.

Reducing Attack Surface in Budget Constrained Environments

Denim Group

This webinar series is designed to help internal auditors looking to equip themselves with competencies and confidence to handle audit of IT controls and information security, and learn about the emerging technologies and their underlying risks The series focuses on contemporary IT audit approaches relevant to Internal Auditors and the processes underlying risk based IT audits. Session 10 of 10 This Webinar focuses on Advanced Persistent Threats and targeted cyber attacks: • Advanced Persistent Threats – the shifting paradigm to targeted attacks • Understanding Advanced Persistent threats • Overview of popular types of APTs • Impact of APTs on sensitive data as well as organisation reputation • Characteristics and Attack sequence of APT attacks and the challenges in detecting APTs • Assessing, Managing and Auditing APT Risks • Data loss and Cyber intrusions

Cyber security series advanced persistent threats

Jim Kaplan CIA CFE

DNS Security Presentation ISSA

Srikrupa Srivatsan

By Nabeel Saeed This presentation explores the current DDoS attack landscape, it covers the basics of DDoS attacks, current trends including the most recent results from the newly published 2015 Imperva Incapsula DDoS Report. It also discusses a detailed analysis of one of today’s modern, multi-vector DDoS attacks. While dissecting this DDoS attack, this presentation explores the anatomy and timeline of the attack, as well as the steps used to mitigate each phase of the assault. This session will close with a review of the aspects of effective DDoS protection solutions used to combat these sophisticated denial of service attacks.

An Inside Look at a Sophisticated Multi-Vector DDoS Attack

Imperva Incapsula

Presented at Executive Leaders Network CMO/DPO/CIO/CISO Event on October 06th. "In the face of skyrocketing cyber risk, detecting and responding to attacks is no longer enough. Organizations must take proactive steps to prevent threats before they happen, and to recover if compromised. In this session, Darktrace unveil an ambitious new approach to security, with core engines powering AI technologies to prevent, detect, respond, and ultimately heal from attacks. Together, these engines combine to strengthen organizations’ security posture in a virtuous AI feedback ‘loop,’ which provides powerful end-to-end, bespoke, and self-learning solutions unique to each organization."

How AI can Think Like an Attacker (Carlos Gray at DarkTrace)

Executive Leaders Network

Cyber Resilience

Phil Huggins FBCS CITP

Application-level vulnerabilities have been responsible for a number of very public data breaches and are increasingly a target for a variety of types of attackers. This presentation demonstrates some of the security vulnerabilities that are often introduced during software development projects. It also looks at activities that can help identify these vulnerabilities as well as prevent them from being introduced in the first place. Attendees will take away from the presentation an understanding of software security risks as well as where assurance activities can be included in the project plan to help increase the security of software being developed with a minimum of impact to project schedules and budgets.

Software Security for Project Managers: What Do You Need To Know?

Denim Group

How are you planning to secure your employees, your company, and your customers in 2019? Prior to joining Cloudflare as its Chief Security Officer (CSO) in 2018, Joe Sullivan spent 5+ years as CSO for Facebook and 2.5 years as CSO for Uber. He also previously held security and legal roles at PayPal and eBay and served on the Obama Administration as a member of the Commission on Enhancing National Cybersecurity. With over a decade of experience from some of the world’s most influential companies, Joe will share the core strategies he is taking to help protect Cloudflare and, as a result, its 12M domains who rely on its services for security and performance.

The 2019 Security Strategy

Cloudflare

ddos-protector-customer-presentation.pdf

TuPhan66

In recent years, there has been a significant number of cyberattacks resulting in massive business disruptions. In this regard, many organizations are hiring ethical hacking groups to help prevent future attacks. Amongst others, the webinar covers: • 2021 Cyber-incidents • 2021 Black swans • Ransomware vNext • IoT - internet of things • Cyber security insurance evolution • Cyber best practices & frameworks • The 2022 black swans Presenter: Our first presenter for this webinar is Peter Geelen, director and managing consultant at CyberMinute and Owner of Quest for Security, Belgium. Over more than 20 years, Peter has built strong experience in enterprise security & architecture, Identity & Access management, but also privacy, information & data protection, cyber- and cloud security. Last few years, the focus is on ISO/IEC 27001 and other ISO certification mechanisms. Peter is accredited Lead Auditor for ISO/IEC 27001, ISO 9001, PECB Trainer and Fellow in Privacy. Our second presenter is Erwin AM Geirnaert, Co-founder and Chief Application Security Architect at Shift Left Security, a Belgian cybersecurity start-up specialized in securing start-ups, scale ups and SMBs against malicious cybercriminals. Erwin is a specialist in mobile security, J2EE security .NET security, API Security and web services security. Erwin has more than 20 years’ experience in executing security tests aka penetration testing of web applications, mobile apps, APIs and thick client applications. He is also a recognized application security expert and speaker at international events like Javapolis, LSEC, OWASP, Eurostar, Infosecurity, etc. ------------------------------------------------------------------------------- Find out more about ISO training and certification services Training: https://pecb.com/whitepaper/iso-27001-information-technology--security-techniques-information-security--management-systems---requirements Webinars: https://pecb.com/webinars Article: https://pecb.com/article Whitepaper: https://pecb.com/whitepaper ------------------------------------------------------------------------------- For more information about PECB: Website: https://pecb.com/ LinkedIn: https://www.linkedin.com/company/pecb/ Facebook: https://www.facebook.com/PECBInternational/ Slideshare: http://www.slideshare.net/PECBCERTIFICATION YouTube video: https://youtu.be/ZHQQ1yJX2uU Website link: https://pecb.com/

Ethical Hacking and Cybersecurity – Key Trends in 2022

PECB

Best_of_Breed_3-24-2015_How_to_Achieve_ABAC_Today copy

Stephanie McVitty

The past few months have seen significant changes in global DDoS tactics. We can observe these changes in detail by analyzing traffic patterns from Cloudflare’s global network, which protects more than 27 million Internet properties and blocks 45 billion cyber threats every day. What approaches are DDoS attackers using right now, and what are forward-thinking organizations doing in response? Cloudflare DDoS product experts Omer Yoachimik, and Vivek Ganti will explore new data on DDoS trends and discuss ways to counter these tactics.

Recent DDoS attack trends, and how you should respond

Cloudflare

Similar to 2012 Global Application and Network Security Report (20)

Cyber Attack Survival: Are You Ready?

Tierpoint webinar: Multi-vector DDoS attacks: detection and mitigation_Jan2016

Threat Hunting - Moving from the ad hoc to the formal

Navigating the Web Security Landscape

Check Point Ddos protector

The Morphing DDoS and Bot Landscape: Featuring Guest Speaker from IDC

Top Strategies to Capture Security Intelligence for Applications

Defending Threats Beyond DDoS Attacks: Featuring Guest Speaker from IDC

Reducing Attack Surface in Budget Constrained Environments

Cyber security series advanced persistent threats

DNS Security Presentation ISSA

An Inside Look at a Sophisticated Multi-Vector DDoS Attack

How AI can Think Like an Attacker (Carlos Gray at DarkTrace)

Cyber Resilience

Software Security for Project Managers: What Do You Need To Know?

The 2019 Security Strategy

ddos-protector-customer-presentation.pdf

Ethical Hacking and Cybersecurity – Key Trends in 2022

Best_of_Breed_3-24-2015_How_to_Achieve_ABAC_Today copy

Recent DDoS attack trends, and how you should respond

More from Radware

Cyber Security Through the Eyes of the C-Suite (Infographic)

Radware

What’s the Cost of a Cyber Attack (Infographic)

Radware

Radware Cloud Security Services

Radware

Radware 2016 State of the Union: Multi Industry Web Performance (Desktop)

Radware

When it Comes to ADCs, Perception is Not Reality. The Enterprise Strategy Group and Radware recently conducted a collaborative research project about the current use and future strategies of application delivery controllers (ADCs). Based on a survey of 243 IT professionals, the research reveals that the role of ADCs has expanded well beyond the historical perception of hardware-based load balancers. What’s most interesting is that ADCs are becoming a critical component of a defense-in-depth security strategy as enterprises fine-tune security policy and enforcement to align with their sensitive business applications. Organizations are also deploying ADCs as virtual appliances at an increasing rate and taking advantage of ADC functionality from the network through the application layer. There is a lesson to be learned here: enterprise organizations can get creative with ADC deployments for performance tuning, application-specific services, and critical system protection. Read this research http://www.radware.com/social/esg-adc-research/ to understand the benefits of applying ADCs in this fashion.

The Expanding Role and Importance of Application Delivery Controllers [Resear...

Radware

With cyber-attacks becoming a growing concern for organizations, availability-based attacks, also known as Denial of Service or Distributed Denial of Service attacks, have long moved from a form of cyber protest to a destructive weapon that is used by cyber criminals, hacktivists and even governments. In 2013 we saw a growing use of a new type of attack where attackers used legitimate transactions to saturate application servers’ resources. In this presentation, Security Expert Werner Thalmeier demonstrates how such an advanced attack can be created from a laptop running in an anonymous public WiFi network. He also evaluates the attack landscape and its impact on organizations as well as shares the best practices to protect against such cyber-attacks. Understand the current availability-based threat landscape and learn about new types of cyber-attacks that are being used to saturate resources. For more information on the state of Application and Network Security, please visit: http://www.radware.com/ert-report-2013/

The Art of Cyber War [From Black Hat Brazil 2014]

Radware

Slow pages hurt mobile user metrics, from bounce rate to online revenues and long-term user retention. At Radware, we wanted to understand the science behind this, so we engaged in the first documented study of the neurological impact of poor performance on mobile users. Your takeaway from this presentation is hard data that you can use to make a case for investing in mobile performance in your organization. Based on similar research performed on desktop users, our study involved using a groundbreaking combination of eyetracking and electroencephalography (EEG) technologies to monitor brain wave activity in a group of mobile users who were asked to perform a series of online transactions via mobile devices. In our study, participants were asked to complete standardized shopping tasks on four ecommerce sites while using a smartphone. We studied participants during these tasks, both at the normal speed over Wifi and also at a consistently slowed-down speed (using software that allowed us to create a 500ms network delay). The participants did not know that speed was a factor in the tests; rather, they believed that they were participating in a generic usability/brand perception study. From the data, we were able to extract measures of frustration and emotional engagement for the browsing and checkout stages of both the normal and slowed-down versions of all four sites. This presentation, shared by Radware Web Performance Evangelist Tammy Everts at the 2014 Velocity Conference and the CMG Performance and Capacity 2014 Conference, provides a deeper understanding of the impact of performance on mobile users. For even more on the research, you can also download it here: http://www.radware.com/mobile-eeg2013/

Mobile Web Stress: Understanding the Neurological Impact of Poor Performance

Radware

This is your brain. This is your brain on a mobile site with throughput throttled just enough to frustrate the heck out of you. This is your brain thinking about all the tests you could run if you had your own lightweight, wireless EEG braincap to directly but passively monitor brain activity in your customers as they interact with your digital assets. From the eMetrics Conference in Chicago, Radware Evangelist Tammy Everts describes a mobile web stress test conducted to gauge the impact of network speed on emotional engagement and brand perception. Neural marketing has escaped the lab and has found its way into practical applications. For even more on the web stress tests, please visit: http://www.radware.com/mobile-eeg2013/

Emotional Engagement and Brand Perception

Radware

InfoSecurity Europe 2014: The Art Of Cyber War

Radware

Why would you want to have an open source driver? Samuel Bercovici, Radware's Director of Automation & Cloud Integration, answers this and offers an introduction to Drivers in Havana in this presentation from his recent appearance at OpenStack Israel. Read more in our Press Release: http://www.radware.com/NewsEvents/PressReleases/Radware-Alteon-Provides-Load-Balancing-for-OpenStack-Cloud-Applications/

OpenStack Networking: Developing and Delivering a Commercial Solution for Lo...

Radware

SecureWorld St. Louis: Survival in an Evolving Threat Landscape

Radware

Survival in an Evolving Threat Landscape

Radware

In the Line of Fire-the Morphology of Cyber Attacks

Radware

Radware DefenseFlow-The SDN Application That Programs Networks for DoS Security

Radware

In the Line of Fire-the Morphology of Cyber Attacks

Radware

Providing best response times, tightest security and highest availability for...

Radware

Stock Exchanges in the Line of Fire-Morphology of Cyber Attacks

Radware

Attackers Vs. Defenders: Restoring the Equilibrium

Radware

Radware DefensePipe: Cloud-Based Attack Mitigation Solution

Radware

More from Radware (19)

Cyber Security Through the Eyes of the C-Suite (Infographic)

What’s the Cost of a Cyber Attack (Infographic)

Radware Cloud Security Services

Radware 2016 State of the Union: Multi Industry Web Performance (Desktop)

The Expanding Role and Importance of Application Delivery Controllers [Resear...

The Art of Cyber War [From Black Hat Brazil 2014]

Mobile Web Stress: Understanding the Neurological Impact of Poor Performance

Emotional Engagement and Brand Perception

InfoSecurity Europe 2014: The Art Of Cyber War

OpenStack Networking: Developing and Delivering a Commercial Solution for Lo...

SecureWorld St. Louis: Survival in an Evolving Threat Landscape

Survival in an Evolving Threat Landscape

In the Line of Fire-the Morphology of Cyber Attacks

Radware DefenseFlow-The SDN Application That Programs Networks for DoS Security

In the Line of Fire-the Morphology of Cyber Attacks

Providing best response times, tightest security and highest availability for...

Stock Exchanges in the Line of Fire-Morphology of Cyber Attacks

Attackers Vs. Defenders: Restoring the Equilibrium

Radware DefensePipe: Cloud-Based Attack Mitigation Solution

2012 Global Application and Network Security Report

1. Radware 2012 Global Application & Network Security Report January 2013

2. AGENDA About 2012 Global Security Report Key Findings & Trends Attack Tools Trend Recommendations

3. Information Resources • Industry Security Survey • ERT Cases – External survey – Internal survey – 179 participants – Unique visibility into attack – 95.5% are not using behavior Radware DoS mitigation – 95 selected cases solutions • Customer identity remains undisclosed ERT gets to see attacks in real-time on daily basis 3

4. AGENDA About 2012 Global Security Report Key Findings & Trends Attack Tools Trend Recommendations

5. Organizations Bring a Knife to a Gunfight • “Someone who brings a knife to a gun fight” – Organizations who do prepare for the fight, but do not understand its true nature • Organizations today are like that – They do invest in security before the attack starts, and conduct excellent forensics after it is over – However, there is one critical blind-spot – they don't have the capabilities or resources to sustain a long, complicated attack campaign. • Attackers target this blind spot! 5

6. Attacked in 2012 They had the budget. They made the investment. And yet they went offline. 6

7. Organizations Deploy Two-phase Security Approach 7

8. Attacks Today Have 3 Phases 8

9. ERT Cases – Attack Duration Trend 9

10. ERT Cases – Attack Vectors Trend 10

11. ERT Introduces Its APT Score 11

12. ERT Cases – APT Score Trend 12

13. How Likely is It That Your Organization Will Be Attacked? 13

14. How Well Are You Prepared? 14

15. Attack Vector Trends 15

16. Entities That Are The Bottlenecks in DoS Attacks 16

17. Solutions Used Against DoS Attacks 17

18. Dedicated Versus General Solutions 18

19. Attackers Motivation Trend 19

20. Who’s on the Target List? 20

21. AGENDA About 2012 Global Security Report Key Findings & Trends Attack Tools Trend Recommendations

22. HTTPS Based Attacks • HTTPS based attacks are on the rise • SSL traffic is not terminated by DDoS Cloud scrubbers or DDoS solutions • SSL traffic is terminated by ADC or by the web server • SSL attacks hit their target and bypass security solutions 22

23. Content Delivery Network (CDN) 23

24. Attacks Evade CDN Service GET Legitimate requests www.example.com are refused Legitimate users Internet Backend Webserver • In recent cyber attacks, the CDN was easily bypassed GET changing the page request in every Web by transaction www.example.com/?[Random] Botnet • These random request techniques forced CDNs to “raise the curtain” – All the attack traffic is disembarked directly to the customer premise – More difficult to mitigate attacks masked by CDN CDN service 24

25. Servers Enlisted to the Botnets Army • In 2012 a dramatic change occurred in the DDoS landscape • Attackers build and activate Botnets of powerful servers to achieve: – Greater firepower - x100 higher bandwidth capacity vs. home PC – Greater reliability - servers are always online – Greater control – fewer machine to control vs. botnet of PCs 25

26. DDoS Infrastructure Changes 26

27. AGENDA About 2012 Global Security Report Key Findings & Trends Attack Tools Trend Recommendations

28. Attackers Are Well Prepared • Attackers plan and run attacks on a regular basis • Turning DDoS attacks into their profession • Organizations face attacks a few times per year • Too limited experience to build the required “know how” 28

29. Conclusions • Today’s attacks are different: – Carefully planned – Last days or weeks – Switching between attack vectors • Organizations are ready to fight yesterdays’ attacks: – Deploy security solutions that can absorb the first strike – But when attacks prolong - they have very limited gunfire – By the time they succeed blocking the first two attack vectors, attackers switch to a third, more powerful one 29

30. Recommendations • Acquire capabilities to sustain long attacks • Train a team that is ready to respond to persistent attacks • Deploy the most up-to-date methodologies and tools • 24 x 7 availability to respond to attacks • Deploy counterattack techniques to cripple an attack 30

31. Thank You www.radware.com

2012 Global Application and Network Security Report

Recommended

Recommended

More Related Content

What's hot

What's hot (20)

Viewers also liked

Viewers also liked (10)

Similar to 2012 Global Application and Network Security Report

Similar to 2012 Global Application and Network Security Report (20)

More from Radware

More from Radware (19)

2012 Global Application and Network Security Report