Threat X Labs - Blog

The Silver Bullet for Mastering Threat Detection in the Hybrid Cloud

Posted by Mackenzie Jacobson on May 23, 2018 8:35:00 AM

Despite its theoretical conception in the 1960s1, cloud computing has only truly emerged and taken hold in the last decade. Organizations are now striving to find the balance in utilizing both the private and public cloud - what we refer to as the hybrid cloud environment.

While this middle ground has allowed for greater flexibility, it also complicates the desire and need to protect the data housed in these environments. Not to mention the sure volume of data, which grows at an annual compounding rate of 42% (according to the IDC). As a result, it is unrealistic to expect static signature-based security models to remain effective while continuing to offer protection for today's web applications. In this respect, legacy approaches to web application protection are fundamentally broken and often result in:

  • Costly false positives
  • Poor application response times
  • Impeding agile development
  • Overworked security teams
  • Untenable event analysis and maintenance burdens
The compliance box may be checked, but the confidence box surely is not.
Read More

Topics: Web, Application & Hybrid Cloud Security

Binary Decisions vs Active Interrogation - The Debate for WAF Providers

Posted by Andrew Useckas, CTO on May 17, 2018 8:20:00 AM

Overview

A Web Application Firewall (WAF) can be a very effective security control to protect your Internet-facing applications from botnets, targeted attacks, and general “Internet noise” generated by attempted exploitations. But is concentrating solely on actual attack vectors instead of the attacker the right way to address the problem?

Sure, most WAF solutions will be able to detect an obvious SQL injection or XSS attempt, but can they combat a barrage of WAF bypass techniques, such as multi-level URL encoding? What about other obscure request encodings that only specific web server technologies will understand and parse?

Read More

Topics: Web, Application & Hybrid Cloud Security

Using Sophisticated WAF Technology to Put the Stop to Card Fraudsters: Part II

Posted by Aaron Fosdick, CISO on May 8, 2018 9:35:00 AM

Continued from part I. Credit card fraud is an increasingly prevalent issue for card holders, card issuers, and merchants alike. Traditional approaches to WAF technology may lack the intelligence to detect and neutralize credit card fraudsters, but there are new ways, such as Threat X's contextual behavioral analysis, that are effective in neutralizing these attacks. 

Read More

Topics: Threat Intelligence

New from Threat X - Enhanced Edge Caching, DDoS Mitigation & Bot Detection

Posted by Andrew Useckas, CTO on May 2, 2018 10:15:00 AM

Based on analysis of existing data, feedback from customers, and thought leadership insights, Threat X is rolling out updates to offer advanced Edge Caching, DDoS Mitigation and Botnet Detection. 

Read More

Topics: Company | Product Updates

You're Only as Strong as the Weakest Link in Your Web App Fence

Posted by Andrew Useckas, CTO on Apr 24, 2018 10:00:00 AM

As a leading provider of SaaS-based WAF solutions, we often encounter organizations who prioritize their applications and only secure the "top" web applications. There's a critical flaw in this approach and it's leaving organizations exposed. 

Read More

Topics: Web, Application & Hybrid Cloud Security

Using Sophisticated WAF Technology to Put the Stop to Card Fraudsters: Part I

Posted by Aaron Fosdick, CISO on Apr 19, 2018 11:55:00 AM

In part I of this two-part series, we will discuss the growing issue of credit card fraud for card issuers, card holders, and merchants, including how card data is being obtained and used by today's advanced attackers.

Read More

Topics: Threat Intelligence

Threat X Labs - Blog

Arm yourself with information and insights on the latest cybersecurity trends to defend against today's most advanced cyber criminals with articles from the leader in SaaS-based web application firewall solutions.

Subscribe to Updates

Recent Posts