The Year of the (SDN) App

Jim Frey is Vice President of Research, Network Management for Enterprise Management Associates (EMA) and is a featured guest blogger.

While there is still work to be done, Software-Defined Networking (SDN) is making steady strides towards achieving the viability and maturity needed to become a foundational element of networking in both enterprise and service provider settings.  One of the key indicators of progress has little to do with the basics of SDN technology itself, but with the growing number of applications designed to leverage and interact with SDNs.  This is creating a “pull” that is every bit as important as the “push” of revolutionary infrastructure technology.

read more

The New Face of Social Engineering and Fraud

Nearly every one of us has had some sort of social engineering or "Phishing" scam attempted on us and some of us, unfortunately, have even learned the lessons from the scam the hard way. I know how excited I was the first time somebody wanted to share $8M dollars with me from my long lost Uncle Frederick Hobbs IV, heir to the estate of the late Frederick the Great or some other nonsense. I immediately daydreamed about what color the new cool car I would buy with cash would be.

read more

Coping with the New Era of Application SLAs

Jim Frey is Vice President of Research, Network Management for Enterprise Management Associates (EMA) and is a featured guest blogger.

The steady moves toward internal/external cloud computing, virtualization, more complex web applications, BYOD, the App economy and new strategies for dealing with cyber attacks are bringing disruptive change to IT.  These changes are mostly for the good, but along the way that have created a litany of new pain points and challenges. 

read more

A Flaw Worth Fixing? How We Tested (And Stopped) the Facebook Notes Flaw

Recently, independent researcher Chaman Thapa published a report on an attack scenario showing how someone could use Facebook Notes to DDoS any website. When Facebook and DDoS enter the conversation, news spreads quickly and questions emerge. What is the flaw? How serious is it? Who or what can be affected? The Radware Emergency Response Team (ERT) decided to take a look at the Facebook Notes attack type by testing it in our lab. First, here’s some background:

read more

Facebook, Google, Yahoo — How Hackers Can Use Everyday Sites for Reflection & Amplification Attacks

Reflection and amplification attacks are used to extend DDoS harm. Recently, I discussed how the most recent unwelcome arrival of HTTP-based reflectors and amplifiers have had a more significant impact than past standard floods and I wondered, what would happen if attackers started using Facebook for link “loading” with fake accounts? The possibilities seemed endless and, according to “A Programmer’s Blog,” somebody has already worked on this and created a 400 MB flood using only Facebook Mobile.

read more

Why Ecommerce Sites That Use a CDN Take Longer to Become Interactive (and Why You Still Need a CDN)

One of the most provocative findings in our latest State of the Union for Ecommerce Web Performance was the fact that using a content delivery network correlated to slower performance for retail sites. In today’s post, we’ll explore what this finding means (hint: correlation doesn’t mean causation) and why you still need a CDN in your performance toolkit.

read more

A Snapshot of DDoS Regulations: 6 Protection Initiatives

In the first four months of 2014, news reports have regularly detailed cyber-attacks that have affected victims ranging from small companies to nation-states. An existential threat to many organizations, cyber-attacks can target the fidelity and integrity of an industry, from financial services to power generation. Due to this, regulators throughout the world are stepping in to try and drive meaningful action where they believe it is required. These early efforts may be the harbingers of future legislation and give birth to standard approaches and forums to debate the efficacy in approaches.

read more

Why Cyber Attackers are Still Defeating Your Network Security

Nearly, two years ago I questioned the myth: does size really matter? and now it’s time to revisit the issue and also look at some of the changes occurring in the cybercrime scene.

The big myth of 2012 was that organizations need to prepare for enormous attacks. The attack on Spamhaus in 2013 supported this claim.

read more