Web App Attacks. User / Identity. Physical 11% Other (VPN, PoS, infra.)

Transcription:

Web App Attacks User / Identity 33% 53% Apps And Identities Initial Targets In 86% Of Breaches Physical 11% Other (VPN, PoS, infra.) 3%

Fix vulnerabilities Stop web attacks Risk & compliance

What is the OWASP Top 10? Top 10 is a broad consensus on the most critical web application security flaws. Most are very well known attack vectors that persist. Coverage is a mandatory minimum for some regulatory requirements such as PCI DSS.

Here's the good news. WAFs don't require access to source code or developers. WAFs fix vulnerabilities promptly without maintenance windows. WAF Technology. WAFs provide coverage for OWASP Top 10. WAF offers protection against application attacks. WAFs can be an alternative to code review.

Non-API users Self-selected use Tech savvy consumers Innovators Disruptors Enterprise use Business partners Distribution partners Suppliers Product integration Business partners Product ecosystem Tech-savvy consumers Digital experience Mobile Web Open Web APIs B2B APIs Product APIs Internal API Enterprise Applications (custom, off-the-shelf, on premise, cloud) Products

77% of web attacks start from botnets. 3 billion credentials were reported stolen in 2016. App-layer DDoS has increased by 43%.

Traditional WAF: OWASP Top 10, SSL/TLS Inspection, Scripting.
Advanced WAF: OWASP Top 10, Malicious Bots, SSL/TLS Inspection, Credential Attacks, Scripting, API Attacks.

APPLICATION PROTECTION ADVANCED WAF PROACTIVE BOT DEFENSE APP-LAYER ENCRYPTION ANTI-BOT MOBILE SDK BEHAVIORAL DDOS

Automation. Half of Internet traffic comes from bots. 30% is malicious. Web attacks, account takeover, vulnerability scanning, web scraping, denial of service.

Simple bots Google Impersonating Bots Bots with cookies / JS support Bots that simulate browsers

target of the same automated attacks lack mature security capabilities needs mobile specific security

Figure Credit: Verizon 2017 Data Breach Investigations Report

Use Case - Account Takeover
Anti-bot Mobile SDK ATO Protection Mobile Users credentials Authentication Protection Credential Encryption Hacker Bots Data Center Interconnect Cloud
Problem: Criminals are performing account takeover by stealing account credentials via malware.
Solution: App-level credential encryption. Anti-bot mobile SDK. Credential stuffing protection. Brute force protection.
Benefits: Prevent the use of dumped credential databases (credential stuffing). Prevent the theft of user credentials (credential harvesting). Protect mobile apps: identify and pass only the desired mobile applications.

DDoS 101 The Targets Volumetric Attacks on Bandwidth Attacks on Server stack. Low and Slow. Attacks on RAM. Firewall state tables. Attacks on crypto capacity. SSL floods. Attacks on CPU. IPS Signature Scanning. Targeted Attacks. Bugs and flaws in stack. F5 Networks, Inc 22

Use Case - DDoS Attacks
Users Hacker Bots Silverline Cloud Services
Problem: DDoS attacks are growing, but your resources are not. DDoS mitigation time is slow due to manual initiation and difficult policy tuning.
Silverline Always On under attack Layer 3 DDOS Protection DDoS Hybrid Defender On-Premises Users Core DDOS Managed Service Layer 7 DDOS Protection Advanced WAF Option: consolidate into a single layer 3-7 solution Communication (signaling)
Solution: Always-on protection with on-premises hardware. Mitigate with layered defense strategy and cloud services. F5 SOC monitoring with portal. Protect against all attacks with granular control. Eliminate time-consuming manual tuning with machine learning.
Benefits: On-premises hardware acts immediately and automatically to mitigate attacks. Silverline cloud services minimize the risk of larger attacks crippling your site or applications.

F5 Advanced WAF Protect against bots, credential attacks, and app-layer DoS Anti-bot Mobile SDK F5 Advanced WAF Defend against bots Proactive bot defense Anti-bot mobile SDK Client and server monitoring Mobile Users credentials Bot Mitigation Credential Protection App-Layer DoS Hacker Bots Prevent Account Takeover App-level encryption Mobile app tampering Brute Force protection Key Benefits: Protects Web and mobile apps from exploits, bots, theft, app-layer DoS Prevent malware from stealing data and credentials Prevent Brute Force attacks that use stolen credentials Eliminate time-consuming manual tuning for App-layer DoS protection Protect apps from DoS Auto-tuning Behavioral analytics Dynamic signatures

THE CHANGING DYNAMICS OF APPLICATION SECURITY Maximizing Value From Your WAF Web Application Firewall Proactive Bot Defense Anti-Bot Mobile SDK Vulnerabilities & Exploits Automated Attacks Mobile Applications DataSafe Encryption Behavioral Analytics API Protocol Security Credential & Data Theft Low & Slow DDoS API Vulnerabilities Threat Intelligence Feeds Credential Stuffing Threat Campaigns! Device Identification

Advanced WAF Bot Defense DataSafe Encryption Behavioral DoS Anti-Bot Mobile Solution VIPRION Standalone iseries VE BIG-IP LTM/GBB/ASM Upgrade DataSafe Add-on Cloud AWS Azure Google SDK Android Apple Enterprise BYOL Per-App-VE Licensing Cloud Marketplace Cloud Licensing Program Add-on Professional Services Fusion Deployment Advanced WAF Installation for VIPRION Advanced WAF Installation for BIG-IP Advanced WAF LaunchPad (Upgrade only) Advanced WAF Installation for BIG-IP Appdome Managed Services F5 Silverline WAF Managed WAF Express DDoS Protection F5 Managed Rules for AWS WAF WebSafe F5 Fraud Services MobileSafe Threat Intel IP Intelligence Credential Stuffing Threat Campaigns Device Identification Complementary Solutions DDoS Hybrid Defender Access Policy Manager BIG-IQ

APPDEV INLINE HOST MITIGATE CODING WAF (WEB APPLICATION FIREWALL) ENTERPRISE PROTECTION REGULATORY COMPLIANCE VA/ DAST INTEGRATIONS MOST EFFECTIVE OWASP 10 VOLUMETRIC MITIGATION RASP (Run-time Application Self Protection) APP PROTECTION INSTANCE POST WAF, IPS, IDS INSIDE APP OR SERVER APP LANGUAGE DEPENDENT UP TO 10% PERF. REDUCTION BUG FIXES IPS BOT PROTECTION VULNERABILITY ASSESSMENT SAST (STATIC APPLICATION SECURITY TESTING) DAST (DYNAMIC APPLICATION SECURITY TESTING) IAST (INTERACTIVE APPLICATION SECURITY TESTING) DEVELOPMENT PRODUCTION