Fighting the AppSec Fight: Don't sell products. Create partnerships.

Posted by Chris Brazdziunas on Mar 18, 2020 9:26:34 AM

It’s been a few weeks since we closed the book on another RSA conference. And as always, it was nice to catch up with old friends, meet new ones, and talk to many of the security professionals who are on the frontlines of AppSec every day.

However, after spending some time on the show floor, one thing really stood out for me: vendors were selling security products, and most attendees were looking for security partnerships.

Every vendor seemingly has a promise for why their technology, products, or features are better than their competitors. But ultimately, it falls to the customers to take a leap of faith, invest in a product, staff the product, and make it deliver on its promises. It is the customer that must do the heavy lifting and take on the risk.


Topics: Web, Application & Hybrid Cloud Security, Threat Intelligence

OWASP TOP 10: APIs Take Center Stage in Latest List of Priorities

Posted by Chris Brazdziunas on Feb 12, 2020 7:57:58 AM

OWASP recently released the first iteration of the API Security Top 10. Like the ubiquitous OWASP Top 10, the API Security Top 10 delivers a prioritized list of the most critical application security issues, with a focus on the API side of applications. This is a critical new tool for AppSec teams that zeroes in on one of the fastest growing, yet chronically under-addressed, aspects of security. In this blog, I’d like to offer you an overview of the API Top 10 with comparisons to the OWASP Top 10 for web applications.


Topics: Web, Application & Hybrid Cloud Security, Threat Intelligence

Detect & Prevent Newly Observed Malicious Automation Attacks

Posted by Chris Brazdziunas on Jul 22, 2019 9:47:33 AM

Just when you think you are one step ahead of hackers, they prove you wrong and set you four steps back. Hackers continue to find new and more devious ways to discover and exploit web app vulnerabilities. One such tactic is the use of malicious bots and automation, which has grown in frequency, volume, and complexity. In fact, nearly 20% of all web traffic comes from malicious bots.*

In the previous post, I outlined a number of malicious automation attacks that we often see targeted against web applications and identified which industries and business types are most commonly attacked. In 2019 alone, we have seen each one of these attacks attempted on one or more of our customers. In this post, I'll share a case study for each attack type and include preventative mitigation techniques (in order of importance) to help avoid future attacks.


Topics: Threat Intelligence

Top 4 Malicious Automation Attacks & How to Detect Them

Posted by Chris Brazdziunas on Jun 24, 2019 9:53:18 AM

We first introduced malicious automation in Part I of this blog series. We shared how malicious automation is becoming a common element of the threat landscape for organizations in nearly every vertical. In Part II of this series, we want to dive into the top 4 types of malicious automation attacks that we see most often across our ThreatX customer base. They include:


Topics: Threat Intelligence

Detecting Advanced Bots Using Active Interrogation

Posted by Will Woodson | Lead Security Engineer on Jun 18, 2019 11:47:26 AM

Last year ThreatX announced enhanced bot detection and mitigation capabilities, which enabled us to identify and stop malicious bots from accessing our customers’ applications. In this post we present a recent case in which we used these features, namely active bot interrogation, to drastically reduce the volume of possible bot requests sent by suspicious source entities. This cut the number of useless or undesirable requests the customer application had to process and mitigated bot threats such as credential stuffing, account takeover (ATO), and fraudulent transactions.


Topics: Threat Intelligence

Malicious Bot Detection Through A Complex Proxy Network

Posted by ThreatX Labs on Apr 17, 2019 7:03:26 AM

A malicious entity operating a botnet to execute credential stuffing or password spraying attacks will frequently be stopped after a series of application login attempts by an application security solution such as a WAF, or by a dedicated bot protection product. As a result of these attempts, the IP addresses used by the attacker will often end up on IP reputation lists and be blacklisted by many sites. That is exactly what pushes attackers toward large proxy networks, where each individual IP makes only a handful of requests and never trips a per-IP threshold.


Topics: Threat Intelligence

Using a Next-Gen WAF to Identify & Prevent Carding

Posted by Jeremiah Cruit | CISO on Feb 21, 2019 8:16:03 AM

As more businesses move online, they are exposed to additional threats, and so are their customers. For customers, this is especially true when submitting credit cards to complete online transactions. One of the most common attacks in this space is carding. Carding occurs when an attacker takes illegally obtained credit card information (often in bulk), attempts to validate the stolen card numbers, usually by running small test transactions, and then sells or uses the cards that work. In 2018, credit card fraud was expected to exceed $6 billion*. This number is only expected to grow as online shopping becomes more widespread and accepted.
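As an added example (not code from the ThreatX posts on this page, and not ThreatX's own detection logic), the following Python script runs a cardinality-and-velocity check over constructed sample log lines for both automation patterns described here: the password spray through a proxy network from the earlier post, where each source IP makes too few attempts to trip a per-IP block and the cluster only shows up when you key on something other than the IP, and the carding case described above, where one checkout session burns through many distinct card numbers with a high decline rate. The log format, field names, the client-fingerprint value in the `ua` field, the thresholds and the IP addresses are all assumptions made for this example.

```python
"""Cardinality/velocity checks for two malicious-automation patterns.

Added example: the log format, field names and thresholds below are
assumptions for illustration, not ThreatX's product logic.
"""
from collections import Counter, defaultdict
from datetime import datetime, timedelta

WINDOW = timedelta(seconds=60)

# Constructed sample log lines (not real traffic). One event per line:
#   <ISO ts> <event> ip=<src> ua=<client fingerprint> subj=<username or card token> key=<session> result=<ok|fail>
_BASE = datetime(2019, 4, 1, 12, 0, 0)
SAMPLE_LOG = []
# Password spray through a proxy pool: 30 failed logins, 30 distinct usernames,
# one attempt per source IP, all sharing one client fingerprint, inside 60 s.
for i in range(30):
    ts = (_BASE + timedelta(seconds=2 * i)).isoformat()
    SAMPLE_LOG.append(f"{ts} login ip=203.0.113.{i + 1} ua=UA-7f3a subj=user{i:03d} key=- result=fail")
# Benign noise: one user mistyping a password three times, then succeeding.
for i, res in enumerate(["fail", "fail", "fail", "ok"]):
    ts = (_BASE + timedelta(seconds=5 * i)).isoformat()
    SAMPLE_LOG.append(f"{ts} login ip=192.0.2.5 ua=UA-2222 subj=alice key=- result={res}")
# Carding: one checkout session tries 12 distinct card tokens, 11 of them declined.
for i in range(12):
    ts = (_BASE + timedelta(seconds=3 * i)).isoformat()
    res = "ok" if i == 5 else "fail"
    SAMPLE_LOG.append(f"{ts} cardauth ip=198.51.100.9 ua=UA-1111 subj=tok{i:02d} key=sess42 result={res}")


def parse(line):
    """Turn one log line into a dict; the timestamp becomes a datetime."""
    ts, event, *pairs = line.split()
    rec = {"ts": datetime.fromisoformat(ts), "event": event}
    rec.update(p.split("=", 1) for p in pairs)
    return rec


def _windows(records):
    """Yield, for each record in time order, the records inside WINDOW ending at it."""
    records = sorted(records, key=lambda r: r["ts"])
    start = 0
    for end in range(len(records)):
        while records[end]["ts"] - records[start]["ts"] > WINDOW:
            start += 1
        yield records[start:end + 1]


def detect_spray(records, min_users=20):
    """Flag failed logins clustered by client fingerprint, not by source IP.

    Keying on the fingerprint is what catches a spray spread over many proxy
    IPs; max_per_ip in the finding shows how few attempts each IP made.
    """
    by_ua = defaultdict(list)
    for r in records:
        if r["event"] == "login" and r["result"] == "fail":
            by_ua[r["ua"]].append(r)
    findings = []
    for ua, rs in by_ua.items():
        for win in _windows(rs):
            users = {r["subj"] for r in win}
            if len(users) >= min_users:
                per_ip = Counter(r["ip"] for r in win)
                findings.append({"ua": ua, "users": len(users), "ips": len(per_ip),
                                 "max_per_ip": max(per_ip.values())})
                break  # one finding per fingerprint is enough
    return findings


def detect_carding(records, min_cards=10, min_decline=0.8):
    """Flag a session that cycles through many distinct cards with mostly declines."""
    by_key = defaultdict(list)
    for r in records:
        if r["event"] == "cardauth":
            by_key[r["key"]].append(r)
    findings = []
    for key, rs in by_key.items():
        for win in _windows(rs):
            cards = {r["subj"] for r in win}
            decline = sum(r["result"] == "fail" for r in win) / len(win)
            if len(cards) >= min_cards and decline >= min_decline:
                findings.append({"key": key, "cards": len(cards), "decline_ratio": round(decline, 2)})
                break
    return findings


def analyze(lines):
    """Parse raw lines and run both detectors."""
    records = [parse(line) for line in lines]
    return {"spray": detect_spray(records), "carding": detect_carding(records)}


if __name__ == "__main__":
    for kind, hits in analyze(SAMPLE_LOG).items():
        for hit in hits:
            print(kind, hit)
```

On the constructed data the spray is reported with `max_per_ip` of 1, which is the point: a per-IP threshold or an IP reputation list would never see it, while grouping failures by client fingerprint within a short window does. The carding check fires once a session has touched ten distinct card tokens with a decline ratio of 0.8 or higher; the legitimate single-user retries in the sample trip neither detector.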


Topics: Threat Intelligence

API Security Lives at the Heart of the Breach

Posted by David Geer on Feb 13, 2019 6:57:00 AM

*We are thrilled to introduce and feature David Geer on the ThreatX Blog. David is a content marketing writer and market influencer specializing in cybersecurity.*

You’ve heard that nation-state hackers stole 145 million consumer records in the 2017 Equifax breach. Did you know that this attack and breaches at Amazon, Facebook, T-Mobile, and the Black Hat security conference all targeted vulnerable APIs?

Thanks to APIs, your consumers, employees, and partners benefit from robust applications with rich features. But, cyberthugs profit too, because they can leverage APIs and their flaws to get to your data.

Thousands of new APIs become available each year on ProgrammableWeb.com alone. The global cloud API market will generate more than $1.7 billion in revenues by 2026, according to Persistence Market Research. With organizations like yours creating and using more APIs each year, the attack surface grows ever broader. Any solution must surround and secure your APIs, apps, and data despite the burgeoning landscape.


Topics: Web, Application & Hybrid Cloud Security, Threat Intelligence

ThreatX Labs - Blog

Arm yourself with information and insights on the latest cybersecurity trends to defend against today's most advanced cyber criminals with articles from the leader in SaaS-based web application firewall solutions.
