vectors

Results 1 - 25 of 49Sort Results By: Published Date | Title | Company Name

Improving Web Application Security: The Akamai Approach to WAF

Published By: Akamai Technologies     Published Date: Mar 10, 2016
The web application firewall (WAF) is among the most complex security technologies on the market today. The complexity of managing a WAF includes a pre-defined list of rules to identify thousands of potential exploits, intelligence about new attack vectors, and identifying malicious HTTP requests from legitimate HTTP traffic. Read this white paper to learn how to combine attack detection with threat intelligence using our cloud platform and managed security services to better protect your web applications.
Tags : 
akamai technology, web application security, http, best practices, security, risk management
    
Akamai Technologies

An Analysis of xss Exploitation through Remote Resource Injection

Published By: Akamai Technologies     Published Date: Sep 27, 2016
Akamai’s Threat Research team analyzed a week of cross-site scripting (xss) alert triggers to gain clarity on the nature of xss attacks. Read this case study to learn which vectors are vulnerable and specific techniques that were employed during remote resource injection exploitation attempts versus simple probing requests.
Tags : 
akamai, xss, xxs exploration, threat research, analytics, security, cybersecurity, networking
    
Akamai Technologies

Protecting Your Network from Malware

Published By: Akamai Technologies     Published Date: Jun 14, 2018
"Existing security controls are outmatched — at best static and reactive. Current layers likely aren’t protecting you against all attack vectors, like the vulnerable back door that is recursive DNS. And security mechanisms that frustrate, impede, or disallow legitimate users, devices, or applications will have low adoption rates and/or will curtail productivity. Benign users may even circumvent these processes, further undermining your corporate security posture and creating more gaps in your defense-in- depth strategy. One of the many use cases associated with a zero trust security strategy is protecting your network — and most importantly, your data — from malware. "
Tags : 
dns, rdns, security, zero trust security, malware, data, network security
    
Akamai Technologies

Protecting Your Network from Malware

Published By: Akamai Technologies     Published Date: Dec 11, 2018
Existing security controls are outmatched — at best static and reactive. Current layers likely aren’t protecting you against all attack vectors, like the vulnerable back door that is recursive DNS. And security mechanisms that frustrate, impede, or disallow legitimate users, devices, or applications will have low adoption rates and/or will curtail productivity. Benign users may even circumvent these processes, further undermining your corporate security posture and creating more gaps in your defense-in- depth strategy. One of the many use cases associated with a zero trust security strategy is protecting your network — and most importantly, your data — from malware.
Tags : 
    
Akamai Technologies

SOTI Security FinServ Infographic

Published By: Akamai Technologies     Published Date: Aug 30, 2019
Attacks on financial services institutions are growing in both quantity and sophistication. Our new State of the Internet/Security report studies criminal behavior across this advanced and expansive financial services attack economy: from a popular authentication mechanism for staging credential stuffing attacks to the use of stolen identities to cash out ill-gotten gains. The report identifies leading DDoS and application-layer attack vectors, lucrative phishing variants, and how criminals stage decoy attacks to distract from their real targets. Attacks that prove successful in financial services often move on to other industries. Download the report, and see what petabytes of data tell us.
Tags : 
    
Akamai Technologies

Why Anti-DDoS Products and Services are Critical for Today’s Business Environment

Published By: Arbor Networks     Published Date: Jan 31, 2013
This paper will look at DDoS attacks in detail. It will illustrate the attack vectors being used and describe why the threat to organizations is greater than ever before
Tags : 
anti-ddos, products, services, critical, business environment, ips devices, firewall, arbor network
    
Arbor Networks

Ensuring Business Continuity with a Multi-Layered AV Defense

Published By: Blue Coat Systems     Published Date: Aug 12, 2013
There is no question that security attacks targeting your organization will continue to grow and evolve. The question is, how can you respond to malware and other risks without unnecessarily constraining your workforce? How can you get beyond the fear and anxiety that leads to excessive prohibition, prevention, blocking, and excluding – so that you can use security technology to both protect and empower people? The answer is with a multi-layered defense – one that uses advanced security technologies and sophisticated operational practices in combination to cover the full spectrum of threat vectors. This solution brief explores the growing importance of multi-layered defense in today’s fast-changing web environment, and key considerations in implementing an effective multi-layered defense strategy.
Tags : 
av defense, blue coat, web environment, application security, business continuity, email security, ssl
    
Blue Coat Systems

Beyond Prevention: Cisco’s Next Generation Endpoint Security

Published By: Cisco     Published Date: Dec 19, 2016
Today’s threat landscape has forced us, once again, to evolve how we think about and deliver effective security to protect endpoints (PCs, Macs, Linux, mobile devices, etc). Malware today is either on an endpoint or it’s headed there. Advanced malware is dynamic, can compromise environments from an array of attack vectors, take endless form factors, launch attacks over time, and can quickly exfiltrate data from endpoints. Such malware, including polymorphic and environmentally aware malware, is very good at masking itself and evading traditional security tools, which can lead to a breach. As a result, it’s no longer a question of “if” malware can penetrate defenses and get onto endpoints, it’s a question of “when”.
Tags : 
    
Cisco

Ransomware and New Threat Vectors for ICS/SCADA Networks

Published By: CyberX     Published Date: Aug 21, 2017
Today, a range of diverse cyber-adversaries — including nation-states, cybercriminals, competitors, hacktivists, and insiders/contractors — pose financial, reputational and regulatory risk to industrial and critical infrastructure organizations. The business impact can include costly production downtime, safety failures, and environmental release of hazardous materials, as well as theft of corporate secrets such as sensitive information about formulas and proprietary manufacturing processes. The challenge is compounded as organizations adopt digitization initiatives and IT/OT convergence to support the business — removing any “air-gaps” that may have existed in the past. To help security and operations teams stay ahead of the latest ICS/SCADA threats, CyberX — the industrial cybersecurity company founded by military cyber experts with nation-state experience securing critical infrastructure — has partnered with SANS to create educational content about emerging ICS threat vectors and
Tags : 
ics, scada, cyberx, cyber security, hacking, randomware
    
CyberX

Four Steps to Effectively Protecting Your Organization from Phishing Attacks

Published By: Cyveillance     Published Date: Jun 20, 2014
Phishing is defined by the Financial Services Technology Consortium (FSTC) as a broadly launched social engineering attack in which an electronic identity is misrepresented in an attempt to trick individuals into revealing personal credentials that can be used fraudulently against them. In short, it’s online fraud to the highest degree. Although it’s been around for years, phishing is still one of the most common and effective online scams. The schemes are varied, typically involving some combination of spoofed email (spam), malicious software (malware), and fake websites to harvest personal information from unwitting consumers. The explosive rise of mobile devices, mobile applications, and social media networks has given phishers new vectors to exploit, along with access to volumes of personal data that can be used in more targeted attacks or spear phishing. The fact that phishing attacks are still so common highlights their efficacy and reinforces the need to implement comprehensive phishing and response plans to protect organizations. An effective phishing protection plan should focus on four primary areas: Prevention, Detection, Response, and Recovery. High-level recommendations for each of the four areas are outlined in this whitepaper.
Tags : 
cyveillance, phishing, security, cyberattacks, cybercriminals, threats
    
Cyveillance

10 Steps to Mitigate a DDoS Attack in Real Time

Published By: F5 Networks     Published Date: Mar 18, 2015
The growing number of sophisticated attacks and countless attack vectors are increasingly difficult to mitigate. Download our 10 Steps to Mitigate a DDoS Attack in Real Time Infographic to help you address current attacks and learn how to build a solution that will help you mitigate risk, lower management costs, and stay protected in the future.
Tags : 
f5 networks, ddos, ip security, real time attack, data protection, secure business, network security, hacker detection
    
F5 Networks

The DDoS Threat Spectrum

Published By: F5 Networks Inc     Published Date: Oct 31, 2013
This white paper examines the DDoS threat spectrum including conventional network attacks, HTTP and SSL floods, and an emerging wave of low-bandwidth threats, plus the new threat vectors likely to target emerging service platforms.
Tags : 
distributed denial of service, ddos, ddos threat spectrum, network attacks, conventional network attacks, http floods, ssl floods, low bandwith threats
    
F5 Networks Inc

Is Your WAF Keeping Pace With Today's Threats?

Published By: F5 Networks Inc     Published Date: Aug 16, 2018
As the threat landscape evolves, so must our security controls and countermeasures. Recent research from F5 Labs revealed that applications are the initial targets in the majority of breaches, suggesting that any app can be an attack vector. Cybercriminals are moving their tactics further up the stack using sophisticated application-layer exploits, as well as an emerging wave of automated, bot, and IoTbased threats that are quite capable of evading simple signature or reputation-based detection. Yet, the majority of WAFs on the market today have remained largely unchanged, leaving the applayer exposed, unable to proactively monitor and protect against evolving attack vectors.
Tags : 
threats, applications, cybercriminals
    
F5 Networks Inc

IS YOUR WAF KEEPING PACE WITH TODAY’S THREATS?

Published By: F5 Networks Inc     Published Date: Sep 14, 2018
As the threat landscape evolves, so must our security controls and countermeasures. Recent research from F5 Labs revealed that applications are the initial targets in the majority of breaches, suggesting that any app can be an attack vector. Cybercriminals are moving their tactics further up the stack using sophisticated application-layer exploits, as well as an emerging wave of automated, bot, and IoTbased threats that are quite capable of evading simple signature or reputation-based detection. Yet, the majority of WAFs on the market today have remained largely unchanged, leaving the applayer exposed, unable to proactively monitor and protect against evolving attack vectors.
Tags : 
    
F5 Networks Inc

Thinking Locally, Targeted Globally

Published By: FireEye     Published Date: Feb 28, 2014
This whitepaper further educates you on the new security challenges for state and local governments.
Tags : 
fireeye, persistent threats, advanced attacks, multi-vector, multi-stage nature, combatting advanced attacks, cohesive threat vectors, correlated threat vectors
    
FireEye

Advanced Attacks Require Federal Agencies to Reimangine IT Security

Published By: FireEye     Published Date: Feb 28, 2014
Today's threat landscape has never been more challenging for federal agencies. Governments face a growing torrent of cyber attacks that are growing increasingly sophisticated, stealthy, and dangerous. Legacy signature-based solutions and file-based sandbox analysis cannot detect these advanced attacks, let alone stop them. Without advanced identification and remediation tools, agencies can go weeks or even months before discovering system breaches - long after the damage is done. This paper outlines: The malware ""kill-chain"" model used in today's advanced attacks; What capabilities federal agencies need to combat advanced threats; A reimagined approach to IT security.
Tags : 
fireeye, persistent threats, advanced attacks, multi-vector, multi-stage nature, combatting advanced attacks, cohesive threat vectors, correlated threat vectors
    
FireEye

New Security Challenges for State and Local Governments

Published By: FireEye     Published Date: Mar 05, 2014
Never before have state and local governments been expected to do so much with so little. Even as budgets remain tight in a post-recession environment, tech-savvy citizens demand higher levels of service, they want to pay taxes by credit card, renew their driver's license online, and check traffic from their smartphone. These responsibilities make cyber security critical for state agencies, municipalities, and public utilities. Governments possess residents' most sensitive information - including inviolable personal data such as Social Security numbers and birth certificates. This white paper highlights: Why traditional tools fail to detect advanced attacks; Gaining a cohesive, correlated view of all major threat vectors; How to leverage signature-less, real-time security that thwarts zero-Day attacks.
Tags : 
fireeye, persistent threats, advanced attacks, multi-vector, multi-stage nature, combatting advanced attacks, cohesive threat vectors, correlated threat vectors
    
FireEye

Five Reasons Your Small or Midsize Business is a Prime Target for Cybercriminals

Published By: FireEye     Published Date: Mar 05, 2014
Cyber attacks are growing more sophisticated and, more often than not, target small and midsize businesses (SMBs). One unlucky click - a malicious email attachment, a link to a legitimate but compromised website - could result in a costly data breach that drains your bank account and customer trust. This paper explains targeted attacks and examines reasons cyber attackers are aiming at small and midsize businesses, including: Value of your data; Low risk and high returns for criminals; Why SMBs are easier targets.
Tags : 
fireeye, persistent threats, advanced attacks, multi-vector, multi-stage nature, combatting advanced attacks, cohesive threat vectors, correlated threat vectors
    
FireEye

The Top 10 Mistakes Incident Responders Make Combatting Advanced Threats

Published By: FireEye     Published Date: Mar 05, 2014
Whether they work for an up-and-coming startup or an industry giant, security response teams are under siege as never before. Today's cyber attacks are sophisticated, relentless, and devastating, costing U.S. businesses $8.9 million a year each on average. Attacking in multiple stages across multiple vectors, advanced persistent threats (APTs) and other sophisticated attacks easily evade signature-based detection and other traditional defenses. Thiswhite paper describes: The 10 most common mistakes, strategic and technical, that incident response teams make; The effect of these mistakes and how to avoid them with a well-defined incident response plan.
Tags : 
fireeye, persistent threats, advanced attacks, multi-vector, multi-stage nature, combatting advanced attacks, cohesive threat vectors, correlated threat vectors
    
FireEye

Taking a Lead-Forward Approach to Combat Today's Cyber Attacks

Published By: FireEye     Published Date: Mar 05, 2014
Today's cyber attacks have changed radically from just a few years ago. No longer are they the sole province of opportunistic crooks, online vandals and digitial ""hacktivists."" Today, advanced cyber attacks are the weapon of choice for organized criminal enterprises and nation-states. This white paper highlights: Why organizations need much more than fundamental security tools; Strategies for dealing with advanced targeted attacks.
Tags : 
fireeye, persistent threats, advanced attacks, multi-vector, multi-stage nature, combatting advanced attacks, cohesive threat vectors, correlated threat vectors
    
FireEye

How Data Centers are Becoming Unwitting Accomplices in Advanced Cyber Attacks

Published By: FireEye     Published Date: Mar 05, 2014
If information is the lifeblood of today's digital economy, data centers are the heart. These mini-metropolises of silicon, metal, and cable are as essential to modern business as steel, motors, and coal were to the last great industrial revolution. In addition to their vital role in most business processes, data centers are the building blocks of emerging trends such as Big Data, global collaboration, and even bring-your-own-device (BYOD). The white paper describes: The widening gap between the offensive capabilities of today's cyber attackers and the weak traditional defenses deployed in most data centers; How organizations can better protect data centers.
Tags : 
fireeye, persistent threats, advanced attacks, multi-vector, multi-stage nature, combatting advanced attacks, cohesive threat vectors, correlated threat vectors
    
FireEye

The Need for Speed: 2013 Incident Response Survey

Published By: FireEye     Published Date: Mar 05, 2014
From sophisticated new forms of malware to nation-state sponsored attacks and the advanced persistent threat, cybersecurity incidents have evolved at a rapid pace and are taking down entire networks, successfully stealing sensitive data and costing organizations millions to remediate. In this white paper this report, you'll receive a comprehensive overview of survey results and expert analysis on: The top security threats for global organizations in 2013; The largest gaps in organization's detection and response to threats; How these gaps will be filled in the coming year - new staff, tools or services; What organizations must do to stay ahead of these advanced threats.
Tags : 
fireeye, persistent threats, advanced attacks, multi-vector, multi-stage nature, combatting advanced attacks, cohesive threat vectors, correlated threat vectors
    
FireEye

Understanding Software Vulnerabilities

Published By: Flexera     Published Date: Sep 16, 2016
Watch this webinar to learn more about understanding software vulnerabilities in your organization and how to protect your organization from attacks.
Tags : 
software vulnerabilities, security, attack vectors, data breach, commercial software, flexera, security threat
    
Flexera

Why Your Traditional Endpoint Security May be Putting you at Risk

Published By: Fortinet EMEA     Published Date: Nov 26, 2018
When it comes to securing all the parts of a modern distributed network, endpoints remain the most vulnerable outlier. Mobility has brought a flood of different devices that cross in and out of enterprise networks on a daily basis. This public exposure, combined with inadequate traditional endpoint security and a high degree of user autonomy, makes these devices prime targets for malware infections and other forms of sophisticated attack that seek to exploit the broader organization. And threat actors are finding enormous success along these vectors. To stay competitive, most organizations are currently embracing digital transformation (DX)—including cloud services, smart Internet of Things (IoT) devices, and greater mobility. These adaptations provide organizations with faster and more seamless access to critical information, regardless of the device being used to access it. However, as distributed networks expand and become more difficult to manage, the endpoint remains a weak link i
Tags : 
    
Fortinet EMEA

Winning the War on Cybercrime: Keys to Holistic Fraud Prevention

Published By: IBM     Published Date: Aug 06, 2014
The holistic, integrated fraud-prevention platform from Trusteer, an IBM company, effectively protects financial institutions against the full range of attack vectors responsible for the majority of online and cross-channel fraud, including account takeover.
Tags : 
security
    
IBM
Previous   1 2    Next    
Search      

Add Research

Get your company's research in the hands of targeted business professionals.