DATA SECURITY

Online Gaming is according to Nexusguard Research, a hotbed for DDoS attacks

businesswire | December 15, 2020

The expansion in web based gaming stood out from assailants, coming about in almost 77% of digital assaults focusing on internet gaming and betting enterprises in Q3 2020, as per the Nexusguard Q3 2020 Threat Report. In excess of 33% of these amusement assaults zeroed in on internet gaming targets. Nexusguard experts likewise revealed a 287% expansion altogether DDoS assaults in the second from last quarter contrasted with a similar period a year ago. Web based gaming stages' affectability to idleness and accessibility issues makes them ideal DDoS assault targets, and the internet gaming climate is target-rich for culprits to underwrite during the pandemic.

The lockdown and social separating measures upheld during the pandemic caused commitment in home diversion—internet gaming, specifically—to take off while films, bars and other regular amusement scenes stayed shut. Gamers have become a powerful objective for aggressors, especially in light of the fact that they are genuinely connected with, socially dynamic, and regularly spend discretionary cashflow on their gaming accounts. Albeit web based gaming is profoundly touchy to idleness and bundle misfortune, Nexusguard scientists caution delicate discovery and high-limit alleviation alone are inadequate to defeat enormous DDoS assaults. Gaming ventures and specialist organizations should team up to battle assault strategies through a blend of innovation, information sharing and best security rehearses.

“Online gaming is snowballing in part due to the growth of cloud computing as well as the limited options for home entertainment during the pandemic, providing cyber attackers with a wide population of targets to exploit,” said Juniman Kasman, chief technology officer for Nexusguard. “Game service providers, CSPs and other organizations should take steps to safeguard service, including segregating applications to minimize collateral damage or rehearsing incident response drills to reduce service disruption during attacks.”

Concerning internet gaming, 99.5% of digital assaults were volumetric in nature, with 99.4% of assaults comprising of single vector assaults. Culprits expect to devour all transmission capacity so gamers endure the symptoms of idleness and afterward change to game worker has with quicker and more steady network.

Nexusguard's DDoS danger research provides details regarding assault information from botnet examining, honeypots, CSPs and traffic moving among aggressors and their objectives to assist organizations with distinguishing weaknesses and remain educated about worldwide network protection patterns. Peruse the full Nexusguard Q3 2020 Threat Report for additional subtleties.

About Nexusguard
Founded in 2008, Nexusguard is a leading cloud-based distributed denial of service (DDoS) security solution provider fighting malicious internet attacks. Nexusguard ensures uninterrupted internet service, visibility, optimization and performance. Nexusguard is focused on developing and providing the best cybersecurity solution for every client across a range of industries with specific business and technical requirements. Nexusguard also enables communications service providers to deliver DDoS protection solution as a service. Nexusguard delivers on its promise to provide you with peace of mind by countering threats and ensuring maximum uptime. Visit www.nexusguard.com for more information.

Spotlight

Account takeover attacks provide cyber criminals with authorized access to legitimate user accounts. Take back control of your Web apps. Download this playbook and learn five solution requirements for effective account takeover protection.


Other News
PLATFORM SECURITY

Trend Micro Unites Industry With Most Powerful and Complete Security Platform

Trend Micro | April 26, 2022

Trend Micro Incorporated , a global cybersecurity leader, announced the launch of Trend Micro One, a unified cybersecurity platform with a growing list of ecosystem technology partners that enables customers to better understand, communicate, and lower their cyber risk. Organizations are battling on all fronts to face mounting cyber risks from their complex and growing attack surface with stretched teams and siloed security products. The unified security platform approach delivers a continuous lifecycle of risk and threat assessment with attack surface discovery, cyber risk analysis, and threat mitigation and response. Inaugural partners of the Trend Micro One technology ecosystem include: Bit Discovery, Google Cloud, Microsoft, Okta, Palo Alto Networks, ServiceNow, Slack, Qualys, Rapid7, Splunk, and Tenable. "We are so proud that ecosystem partners value integrating into our platform. Collectively we help enterprises fight the bad guys known as cybercriminals. Alone we are strong, but together our industry is unstoppable in helping customers eliminate security gaps anywhere, identify internal and external enterprise assets, and take critical steps to mitigate them. Kevin Simzer, COO of Trend Micro According to Gartner®, "vendors are increasingly acquiring or developing these adjacent technologies and integrating them into a single platform. The benefits are best realized when this integration minimizes consoles and configuration planes and reuses components (e.g., endpoint agents) and information.1" "We all know that digital transformation is table stakes for the post-pandemic enterprise. But this comes with additional risks: a bigger target for threat actors to aim at and more visibility and security coverage gaps for them to hide in," said Jeremiah Grossman, CEO of Bit Discovery. "Trend Micro's approach stands out from the crowd — notably with its blend of multiple sources of asset and risk visibility, including external attack surface visibility powered by Bit Discovery. Trend Micro's platform helps customers quickly get a prioritized and comprehensive understanding of their attack surface." As a unified platform, Trend Micro One delivers powerful risk assessment capabilities, but the ecosystem partners extend that to make it the most complete in the industry. Joint customers benefit from truly connected visibility, better detection and response capabilities, and comprehensive protection across security layers and systems. Trend Micro One supports this approach by enabling customers to: Discover the attack surface: Identify, monitor, and profile cyber assets in customers' environments. Understand and continuously assess risk: Analyze risk exposure, the status of vulnerabilities, the configuration of security controls, and types of threat activity. Effectively mitigate risk: Ensure the right preventative controls and take swift action to mitigate risk and remediate attacks across the enterprise by leveraging Trend Micro's threat and risk intelligence. About Trend Micro Trend Micro, a global cybersecurity leader, helps make the world safe for exchanging digital information. Fueled by decades of security expertise, global threat research, and continuous innovation, Trend Micro's cybersecurity platform protects hundreds of thousands of organizations and millions of individuals across clouds, networks, devices, and endpoints. As a leader in cloud and enterprise cybersecurity, the platform delivers a powerful range of advanced threat defense techniques optimized for environments like AWS, Microsoft, and Google, and central visibility for better, faster detection and response.

Read More

WEB SECURITY TOOLS

Indusface Enhances its Web Application & API Protection (WAAP) platform AppTrana with Industry's First Risk-Based Protection to APIs

Indusface | May 19, 2022

Indusface, a leading application security SaaS company that continually detects security risks, provides real-time protection, and improves the performance of Websites and Applications, today announced that it is adding Risk-Based API Protection to its WAAP platform, AppTrana. APIs are the lifeline of the digital economy with many companies adopting the API-first approach. However, the growth of APIs is also opening up new risk vectors that they are not aware of. According to Gartner, more than 90% of applications have more attack surface exposed through API than UI and by 2022, API Abuse will move from an infrequent to the most-frequent attack vector, resulting in data breaches for enterprise web applications. Indusface is revolutionizing the API security space by building on its API Protection capabilities. The company is doing so through the most comprehensive API protection to date by extending its risk-based approach to the same. "AppTrana's risk-based approach is unique and something that resonates with our customers. What customers are really interested in is knowing how well their application is protected based on the risk posture of their application. Building on this, we are now enhancing our API Protection capabilities by providing a risk-based approach to API security which we believe would revolutionize the market. With this, customers will be able to identify vulnerabilities found in their public APIs and quickly correlate how these are protected through API-specific policies and positive security policies applied in AppTrana providing the most comprehensive protection for APIs." Ashish Tandon, Founder and CEO, Indusface As with any security, you can protect only what you know and protection is as strong as the weakest link. The major challenges with APIs are discoverability and the ability to understand the context of APIs so that security can be tailored accordingly. It is to address these challenges that Indusface is enhancing its API protection in AppTrana. Collectively through a multi-step approach, customers get to discover APIs, understand risk posture and ensure comprehensive protection of APIs. With Indusface AppTrana's Risk-based API Protection, you get: To understand the risk posture of the APIs through unlimited automated API scans including manual tests for identifying business logic vulnerabilities. This enables organization to understand the weakest links of the APIs and get clear visibility around how these links are protected. Visibility into API traffic patterns and discovery of shadow APIs, so that you are no longer blindsided by what you don't know To protect APIs with API-specific rules written specifically to protect against OWASP Top 10 API vulnerabilities Behavioral-based protection against DDoS attacks on APIs by analyzing API traffic pattern Behavioral-based protection against BOT attacks Positive security for APIs through analysis of swagger (OpenAPI 2.0) files and creation of automated positive security policies Accurate, real-time view of vulnerabilities blocked by API specific rules, positive security policies, custom rules, and those that need fixes in the application About Indusface Indusface is a leading application security SaaS company that secures critical Web, Mobile, and API applications of 3000+ global customers using its award-winning fully managed platform that integrates web application scanner, web application firewall, DDoS & BOT Mitigation, CDN, and threat intelligence engine. Indusface has been funded by Tata Capital Growth Fund II, is the only vendor to be named Gartner Peer Insights™ Customers' Choice' in all the 7 segments for Voice of Customer WAAP (Web Application and API Protection) Report 2022, is a "Great Place to Work" certified SaaS product company, is PCI, ISO27001, SOC 2, GDPR certified, and has been the recipient of many prestigious start-up awards such as the Economic Times Top 25, NASSCOM DSCI Top Security Company, Deloitte Asia Top 100, among others.

Read More

DATA SECURITY

IT-Harvest Launches the Analyst Dashboard for Cybersecurity

IT-Harvest | March 31, 2022

IT-Harvest, a data-driven industry analyst firm, announces the launch of an SaaS application for tracking and analyzing the entire cybersecurity industry. Some data will be published for free at dashboard.it-harvest.com. Subscribers will receive access to all the data assembled over a decade by IT-Harvest, including category, subcategory, headcount each quarter, investments, and key executives. Using the data on each of the 2,850 vendors worldwide, it is possible to compare countries, states, and regions. For instance, there are 1,567 cybersecurity vendors in the United States, 357 in the EU, and 236 headquartered in Israel. California is currently home to 560 cybersecurity companies. "The launch of this app is the realization of a 17-year journey to create an analyst firm that could offer more than opinions and reports. Subscribers get access to all the data we use in our research and reports. They can do their own analysis to test an investment thesis, find targets for acquisition, or create a short-list of vendors for a particular technology they are looking to acquire." Richard Stiennon, Chief Research Analyst at IT-Harvest In addition to the data, subscribers are purchasing a seat for advisory services, much like with a traditional analyst firm. IT-Harvest analysts are available for inquiries on markets, technology, and vendors as part of the annual subscription. The data available in the Analyst Dashboard is printed every year in the Directory in Security Yearbook available at www.it-harvest.com/shop. IT-Harvest tracks headcount at all cybersecurity vendors to identify fast growing companies and segments. That data is updated quarterly in the Analyst Dashboard and presented in a Leaderboard sorted by growth over the past quarter and calendar year. Subscribers can add any number of vendors to a watchlist and get email alerts when data on a company is updated. This could include new funding, a change in the executive team, inclusion in a research report, or an acquisition.

Read More

PLATFORM SECURITY

Cynamics Announces Dedicated Managed Security Service Provider (MSSP) Offering

Cynamics | March 07, 2022

Cynamics, leading provider of AI-driven Network Detection and Response solutions, today announced the release of their new offering which is dedicated for Managed Security Service Providers and Managed Service Providers. The Cynamics Managed Service solution delivers a comprehensive dashboard for Cynamics partners to view all aspects of their Cynamics services across all client networks. This new dashboard represents the next step in the continued evolution of the Cynamics solution and offering. Cynamics teams up with best-in-class partners, offering unhindered network visibility and threat prediction to manage their client's environment. Cynamics unique sample-based approach accompanied with patent-pending and academically acknowledged AI technology allows our partners to predict and detect risk in seconds, responding faster and giving customers the security and granularity, they deserve. "We are grateful for our partnership with Cynamics, as it allows us to offer robust and innovative network visibility to our clients, increasing their overall security posture," said Peter Baur, IT Manager of Metro-INET. "With the rise in cyber threats on municipalities, we were looking for a provider to reduce and mitigate risk. Cynamics makes a big difference in how our customers can protect their networks effectively and gives us a comprehensive view across the entire landscape. Cynamics intuitive dashboard, access to cyber analysts 24/7 and unparalleled level of support have been a key differentiator for us as we focus on connecting our customers to solutions that enable them to operate in a more secure and productive way," Said Baur. The new offering, modeled after the Cynamics Network Blueprint dashboard, lets managed service partners add their client accounts and rapidly connect them to Cynamics, view a summary of the recent activities from all of their clients, and drilling down to each threat detection root-cause analysis and to the respective client dashboard for further details. This dashboard can enhance MSSPs cybersecurity service offering to customers by leveraging Cynamics AI-driven technology and sample-based approach to provide 100% network visibility and threat prediction without requiring installation of an appliance or agent in the customer's network, no matter the network's size or environment. "The Cynamics MSSP offering was designed with our growing managed service customer-base in mind. Our goal was to deliver a dashboard that provides complete visibility across all client accounts in a central pane view that gives MSSPs more services to capture a greater opportunity amongst their customers" said Dr. Aviv Yehezkel, Co-Founder and CTO of Cynamics. "With Cynamics, our managed service partners reduce risk because of the lack of appliances and agents, as well as there are no permissions to the client's network, and no collecting or storing any sensitive or private client information at any time, therefore creating no additional attack surface", said Dr. Yehezkel. The Cynamics MSSP dashboard reduces the burden of managing, configuring and optimizing network security for clients with notoriously convoluted networks, differing environments and complex architectures. Cynamics solution uses proprietary AI and ML technology to enrich threat signals, patterns, and suspicious behaviors by detecting and classifying them in a generalized way which is agnostic to a specific network deployment. The solution autonomously and continuously is learning and improving with each additional deployment. The performance, capabilities and broad visibility offered by Cynamics gives MSSPs an edge in keeping their customers safe in the continuously evolving cybersecurity landscape. About Cynamics Cynamics is the only Next Generation (NG) Cloud Network Detection and Response (NDR) solution on the market today using standard sampling protocols built-in to every gateway, patented algorithms, as well as AI and Machine Learning, to provide threat prediction and visibility at speed and scale. Built to protect networks of all sizes and complexity, its highly scalable approach discovers threats missed by competitors and provides clients and partners with an elite defense against cyberattacks, with little-to-no burden on their resources.

Read More

Spotlight

Account takeover attacks provide cyber criminals with authorized access to legitimate user accounts. Take back control of your Web apps. Download this playbook and learn five solution requirements for effective account takeover protection.

Resources