web security
web security
One thing I’ve noticed over the last couple years is that there are 5 Stages of a Data Breach: Denial: We do not believe these attacks breached our critical servers. Anger: We want to make it clear that we take security seriously! Bargaining: We’d like to offer our affected customers a credit monitoring service. Depression: We wish we could have done things differently. Acceptance: Well, it just shows that no one is safe from hackers. ps Technorati Tags: F5, cyber-crime, trojan, Pete Silva, security, business, education, 5 stages, cyber war, hackers,...
The longer an application remains vulnerable, the more likely it is to be compromised. Protecting web applications is an around-the-clock job. Almost anything that is connected to the Internet is a target these days, and organizations are scrambling to keep their web properties available and secure. The ramifications of a breach or downtime can be severe: brand reputation, the ability to meet regulatory requirements, and revenue are all on the line. A 2011 survey conducted by Merrill Research on behalf of VeriSign found that 60 percent of respondents rely on their websites for at least 25 percent of their...
The BIG-IP platform is now ICSA Certified as a Network Firewall.
Internet threats are widely varied and multi-layered. Although applications and their data are attackers’ primary targets, many attackers gain entry at the network layer. Internet data centers and public-facing web properties are constant targets for large-scale attacks by hacker/hactivist communities and others looking to grab intellectual property or cause a service outage. Organizations must prepare for the normal influx of users, but they also must defend their infrastructure from the daily barrage of malicious users.
Security administrators who manage large web properties are struggling with security because traditional firewalls are...
Around this time of year, almost everyone and their brother put out their annual predictions for the coming year. So instead of coming up with my own, I figured I’d simply regurgitate what many others are expecting to happen. Security Predictions 2012 & 2013 - The Emerging Security Threat – SANS talks Custom Malware, IPv6, ARM hacking and Social Media. Top 7 Cybersecurity Predictions for 2012 - From Stuxnet to Sony, a number of cyberattacks emerged in 2011 that experts have predicted for quite some time. Webroot’s top seven...
As they endeavor to secure their systems from malicious intrusion attempts, many companies face the same decision: whether to use a web application firewall (WAF) or an intrusion detection or prevention system (IDS/IPS). But this notion that only one or the other is the solution is faulty. Attacks occur at different layers of the OSI model and they often penetrate multiple layers of either the stack or the actual system infrastructure. Attacks are also evolving—what once was only a network layer attack has shifted into a multi-layer network and application attack. For example, malicious intruders may start with a network-based...
Founder & CTO of WhiteHat Security, Jeremiah Grossman talks about the F5/WhiteHat partnership, the benefits of the WhiteHat Sentinel & BIG-IP ASM integration, the sophistication level of some of the recent attacks/breaches reported in the media, blocking SQL Injections and why organizations should consider an integrated WAF and Scanner like the WhiteHat/F5 solution.
</p> <p><font size="2">ps</font></p> <p><font size="2">Related:</font></p> <ul> <li><a href="https://www.whitehatsec.com/index.html" _fcksavedurl="https://www.whitehatsec.com/index.html"><font size="2" face="Tahoma">WhiteHat Security</font></a></li> <li><a href="https://www.whitehatsec.com/resource/grossman.html" _fcksavedurl="https://www.whitehatsec.com/resource/grossman.html"><font size="2" face="Tahoma">WhiteHat Blog</font></a></li> <li><a href="http://jeremiahgrossman.blogspot.com/" _fcksavedurl="http://jeremiahgrossman.blogspot.com/"><font size="2" face="Tahoma">Jeremiah Grossman Blog</font></a></li> <li><a href="http://www.f5.com/solutions/technology-alliances/security/whitehat.html" _fcksavedurl="http://www.f5.com/solutions/technology-alliances/security/whitehat.html"><font size="2" face="Tahoma">F5/WhiteHat Partnership</font></a></li> ...
We’ve all seen the auto-out-of-office replies, ‘Thanks for your message but I’m out until I return – contact my boss/subordinate/someone else if you need or want anything.’ If you’ve emailed me over the last couple weeks, you’ve seen a similar note. I took some time off, then participated in F5’s awesome Agility Conference for partners and customers and then took a few more days off. I am challenged, like many of us, to avoid work, recharge and let the brain-drain occur while ‘out of the office.’ As humans, we need to escape from our daily grind to give the mind,...
We offer a lot of webinars at F5 and this is one I recently presented to some partners. As I’ve mentioned, security attacks are moving “up the stack." 90% of security investments are focused on network security, however, 75% of the attacks are focused at the application layer. Plus the average loss of revenue per hour for a layer 7 DDoS attack is approximately $220,000. Modern DoS attacks are distributed, diverse and cross the chasm that divides network components from application infrastructure. A unified application delivery platform with multi-layer visibility is the best way to detect and mitigate multi-layer attacks. ...
Is your stomach turning or does it feel a calm satisfaction halfway through 2011? What seemed like a relatively calm 2011 during the first couple months has turned into a banner year of breaches. The forecast could qualify as: In like a Lamb, out like a Lion as they say. When thinking about this post and even as I started typing a couple sentences ago, I was planning on reviewing the trends of the last 6 months: looking at the 2011 Verizon Data Breach Investigations Report and how the total number of compromised records has decreased even if the number...
Almost half the total population of this planet. At this rate, we’ll all have our own personalized malware in the coming years, specifically tailored for our various behaviors. I built this infection especially for you. Symantec recently released their annual Internet Security Threat Report for 2010 and noted that the cyber threats are increasing both in sophistication and frequency. They found more than 286 million new threats last year with social networks and mobile devices being a favorite targets. Mobile vulnerabilities were up 42% with 163 discovered last year. The U.S. actually topped the list in many nasty categories: Most...
Full web security Archive
