Speed, Showrooming, and the “Creepiness Line”: My Top 6 Takeaways from the 2014 Shop.org Summit

At Radware, we care about making our customers’ websites and web-based applications as secure, fast, and reliable as possible. When I go to conferences and events, this is the lens through which I view every session I attend and every conversation I have.

Earlier this month, I had the privilege of being invited to lead a round table at the annual Shop.org Summit in Seattle. The Summit is one of the largest and most important ecommerce conferences in the world. If you work in the online retail space, it’s a must-attend event.

As always, I learned at least as much as I shared with others. Here are my top six takeaways.


Les Assises 2014 Conference Takeaways, Building a Yellow Brick Road in France

Recently, I had the good fortune to be invited to present the keynote speech at the 2014 Les Assises Security Conference held in the beautiful city-state of Monaco. Les Assises is the largest information-security gathering in France, and year in and year out it proves to be not only a huge information-sharing opportunity, but also a time of self-reflection and strategy affirmation for the thousands of security executives that attend.


CVE 2014-3566 POODLE: A New Vulnerability

Radware’s Emergency Response Team (ERT) is reporting a new vulnerability published under CVE 2014-3566 named POODLE (Padding Oracle on Downgraded Legacy Encryption). This SSLv3 POODLE vulnerability can force a client to negotiate SSLv3 instead of TLS and then carry out BEAST (Browser Exploit Against SSL/TLS) attacks to obtain information from an encrypted stream.


REPORT: State of the Union for Ecommerce Page Speed & Web Performance [Fall 2014]

Cyber Monday is just around the corner, and early predictions point to holiday ecommerce sales hitting an all-time record of $72 billion. But retailers know that competition for this ecommerce spend will also be at an all-time high. Many will leverage aggressive strategies, ranging from rich visuals to geo-targeting campaigns, to earn their share of the holiday retail pie. These strategies, however, can come with a significant performance price tag, making pages slow to render and ultimately driving away consumers.

Today at Radware, we’ve released our latest research into the performance of the world’s most popular ecommerce sites. Our research answers the question: In the fight to offer shoppers the richest possible content, are retailers helping or hurting the user experience?


REPORT: 2014 State of the Union for Mobile Ecommerce Performance

Mobile used to take the backseat to desktop, but in 2014 this is no longer the case. One out of four people worldwide own a smartphone, and at least 55% of all time spent on retail sites takes place on mobile devices. These numbers are why we’ve decided to release our annual state of the union for mobile web performance on the same day as our quarterly desktop state of the union.

In this post, I’ll walk through a high-level summary of our key findings, including statistics around mobile load times, website fragmentation across devices, and mobile performance challenges.


Tsunami SYN Flood Attack – A New Trend in DDoS Attacks?

Over the past week, Radware’s Emergency Response Team (ERT) detected a new type of SYN flood which is believed to be specially designed to overcome most of today’s security defenses with a TCP-based volume attack. Within a 48-hour period, two different targets on two different continents were hit with this new technique and experienced very high attack volumes.


Can Your Business Meet the Demands of Cyber-Ransom?

Online criminality has become a big business and new faces of social engineering and fraud are sweeping the globe. News articles regularly report on major breaches and outages, but rarely, if ever, do we see the underlying ransom demands that are presented before a business is attacked. The stand that organizations often take is that they do not negotiate with terrorists or pirates. But this approach, while noble, can become costly to a business; some may lose everything.


Cyber Security Regulations Pull on the Purse Strings – and those Affected Agree it’s Necessary

Financial institutions, such as banks and credit unions, have long been a target of cyber and DDoS attacks. These attacks are designed to disrupt operations and access sensitive information, becoming a constant threat not only to those businesses but also to the customers they serve.
