Batten Down The Hatches: Anonymous – Coming Soon to Your Network

As security professionals facing the rising tide of threats, many of us find ourselves researching and implementing next-generation perimeter defenses to mitigate risks. Through analysis of threat vs. protection, we quickly realize that no single protection will suffice; current risks require multiple protection layers to secure the business.

Typical intrusion prevention system (IPS) and next-generation firewall (NGFW) devices claim coverage, but beware: they fall short. In fact, Radware’s 2011 Global Application & Network Security Report shows that IPS and FW combined account for 32% of the common DDoS bottleneck.


DDoS Yourself First – Part II: Rise of the Availability Vulnerabilities

Availability problems aren’t necessarily unique; however, the testing is certainly different, as I discussed in Part 1 of DDoS Yourself.

This “availability security problem” is resulting in an increased risk to enterprises whose business models are tied to time (government elections, financial trading, online promotional retailers, insurance reconciliations, etc.).

As a result, many organizations are asking themselves whether they have adequate visibility into their vulnerabilities to hacktivist (ideologically motivated) and availability-based (competitively motivated) DDoS attacks.


Security? Defense, Offense, Both?

Boy, the world has gotten complicated to defend, hasn’t it? The old adage, “information security is very basic,” turns out not to be true after all! As a youthful entrant into this industry, I can remember my CISSP instructors telling me that “at the end of the day all you are doing is protecting the Confidentiality, Integrity and Availability of the enterprise you support.” How hard can that be, after all? Wow, if it were only that simple!
