main

Cloud SecurityDDoSSecurity

Cloud-Based or Provider-Managed DDoS Mitigation: Which is Right for Your Organization?

July 12, 2016 — by Jordan Jacobs0

ddos-attack-mitigation-3-960x626.png

Two facts are changing how companies think about DDoS mitigation: DDoS attacks are more frequent than ever and are increasingly easier to initiate from anywhere in the world.

Simply put, the days when firewalls and a large enough pipe to the internet were enough to protect your network have long since passed. Any organization or website is a potential target, and with high odds of a given attack flooding homegrown defense tactics, most companies are moving their mitigation tools offsite. The cost of downtime – upwards of $9,000 per hour for small businesses and $690,000 for large companies – are just too great to risk going it alone.

Cloud SecuritySecurity

“POP” Goes the Vendor that Doesn’t Separate Scrubbing Centers from Always-On Platforms

June 1, 2016 — by Ben Desjardins0

cloud-scrubbing-3-960x524.png

It seems hardly a week can pass without some cloud-based security service provider announcing the latest expansion of their cloud infrastructure. The cadence has turned into something of an arms race mentality on the part of these providers, perhaps in response to a sense that’s what the market wants to see in a service provider. After all, X+1 number of Points of Presence (POPs) is better than X, right?

Well, the real answer is that most confounding of answers: it depends. In this case, the dependency is a question of what specific problem you’re trying to solve.

Cloud SecuritySecurity

Static Cloud Security Is Obsolete; Long Live Continuously Adaptive Cloud Security!

May 17, 2016 — by Haim Zelikovsky0

08_AdobeStock_85269141-960x508.jpeg

Successfully protecting against web-based attacks is like trying to win a game that keeps changing its rules all the time… only nobody tells you what the new rules are! Static cloud security services cannot help you win the web security game. Only cloud security services that continuously and automatically adapt to the rapidly evolving threat landscape and protected assets can assure you are well prepared to anything that will be thrown at you… even as the rules continuously change!

Application DeliveryCloud SecurityVirtualization

Virtualizing the ADC – Molding Mature Technologies for the Cloud

April 5, 2016 — by Frank Yue0

virtualizing-the-adc-2-960x603.png

Virtualization of existing technologies is an evolutionary step in the development of cloud designs.  The cloud is supposed to be an architecture that delivers applications and data in a reliable and fault-tolerant manner.  The benefits that we want to derive are not new.  We are just applying them to a different business model.  We created the cloud to deliver applications and data anytime, anywhere, and to any device. We need to reconfigure existing processes and technologies to support the evolving cloud architecture.

Cloud SecuritySecurity

Themes, Conversations and Takeaways from 2016 RSA

March 10, 2016 — by Ben Desjardins0

dont_control_apps_need_to_protect-1.png

The hackers are winning.

Or said more accurately, strong security is losing . . . sometimes to itself.  

That seemed to be a general undertone of last weeks’ RSA Conference. No one actually came out and said it in those words, but there is an undeniable degree of humility to many of the messages passing through the halls of the Mascone Center this year.

Cloud SecurityDDoSSecurity

Network-as-a-Sensor: A New Approach to the DDoS Problem

February 17, 2016 — by Ron Meyran1

network-as-a-sensor-2-960x480.jpg

Mike Geller from Cisco’s CTO office and Ehud Doron of Radware’s CTO office presented at Cisco Live Berlin 2016 the revolutionary concept of Network-as-a-Sensor to fight DDoS attacks.

There are two approaches to detect against DDoS attacks: on-premise (also sometimes called in-line) and Cloud (out of path). When a DDoS protection solution is deployed on-premise, organizations benefit from an immediate and automatic attack detection and DDoS mitigation solution. Within seconds from the start of an attack, the online services are well protected and the attack is mitigated.

Attack Types & VectorsCloud SecurityDDoSSecuritySSL

Cyber-Attackers Are Adjusting to the Security Adjustments You’ve Made

February 16, 2016 — by Ben Desjardins0

cyberattack-adjustments-2-960x580.jpg

Sometimes it feels terrible to be right. In our recent Global Application & Network Security Report we predicted an increase in complex encrypted attack vectors and the importance of putting in place adequate defenses that can scale and inspect encrypted traffic.  Just last week, we got a vivid example of the increasing threat posed by encrypted attack vectors. A high profile attack occurred with an organization that had both a combination of on-premises and cloud-based DDoS protection, yet the organization’s site still went down, in large part because the attack “hid” from detection by the cloud-based resources by using encryption.

Cloud SecuritySecurity

Don’t Let the Headlines Cloud Your Security Architecture Decisions

September 3, 2015 — by Ben Desjardins1

Information security professionals can hardly be blamed for a recent over-emphasis on looking to cloud-based solutions for protection for both network and application protection. It’s a natural reaction to the seemingly endless stream of news about large volumetric attacks. Add to that the natural migration of many applications to the cloud and the cloud momentum really gets rolling.