© 2014 Imperva, Inc. All rights reserved.
The Anatomy of Comment Spam
Shelly Hershkovitz, Sr. Security Research Engineer, Imperva

Agenda
§  Comment Spam - What & Why?
§  Comment Spam Attacks
§  Data Analysis
§  Mitigation Techniques
§  Case Studies
§  Conclusion
§  Q&A

Shelly Hershkovitz, Sr. Security Research Engineer, Imperva
§  Leads the efforts to capture and analyze hacking activities
•  Authored several Hacker Intelligence Initiative (HII) Reports
§  Experienced in machine learning and computer vision
§  Holds BA in Computer Science & M.Sc degree in Bio-Medical Engineering

Comment Spam - What & Why?
§  What?
•  Wikipedia: “Comment spam is a term used to refer to a broad category of spam bot postings which abuse web-based forms to post unsolicited advertisements as comments on forums, blogs, wikis and online guest books.”
§  Why?
•  Search engine optimization
•  Advertisements
•  Malware distribution
•  Click fraud

Search Engine Optimization
[Diagram labels: MyWebSite.com, OtherWebSite.com, OtherBlog.com, OtherNewsWebSite.com, Backlink]

Comment Spam Attack
§  Target Acquisition
§  Comment Generation
§  Posting
§  Verification

Comment Spam in Practice
§  Success relies on large scale
§  Automated tools are used
§  Inputs
•  The site to be promoted
•  Relevant keywords

Target Acquisition
§  URL Harvesting
•  Locate relevant websites
•  Locate suitable URLs for commenting
§  An alternative – buy ‘Quality URLs’ lists
•  A typical price is $40 for ~13,000 URLs

Selecting the Targets
[Diagram: Target Selection, with Relevance, Quality, Difficulty, Policy]
•  Relevance: Relevance to the promoted site
•  Quality: The URL’s own search engine ranking
•  Difficulty: The difficulty of posting comments (CAPTCHA)
•  Policy: The site’s policy regarding search engines (follow/nofollow attribute)

Target Acquisition in Action

Comment Generation
§  Verbal comments attached to the promoted site
•  Input keywords

Comment Generation in Action

Posting
§  Post comments on many URLs
§  Authentication, CAPTCHA, or user details handling

Posting in Action

Verification
§  Collect feedback on whether or not the comments were posted

Verification in Action

Comment Spam in Action

Data Analysis
§  17% of the attackers generated 58% of comment spam traffic

Data Analysis
§  80% of comment spam traffic is generated by 28% of attackers
[Chart: Source IP, 28.00%]

Mitigation Techniques
§  Content inspection
§  Source reputation
§  Anti-automation
§  Demotivation
§  Manual inspection

Mitigation Techniques: Content Inspection
§  Inspecting the content of the posted comments
§  Rule based
•  Large number of links
•  Logical sentences not related to the subject
§  Akismet

Mitigation Techniques: Source Reputation
§  Based on the reputation of the poster
§  Online repositories based on crowdsourcing

Mitigation Techniques: Anti-Automation
§  Anti-automation tools
•  CAPTCHA
•  Check-box for posting the comment
•  Client type classification

Mitigation Techniques: Demotivation
§  Make comment spam useless
§  Follow/nofollow value of the rel attribute of an HTML anchor <A>
•  Specifies whether a link should be followed by search engines
§  Penguin update for Google search engine algorithms

Mitigation Techniques: Manual Inspection
§  Effective but not scalable
§  Effective against manual comment spam

Case Studies
§  Attack Target: Specific Victim
§  Attack Source: Specific Attacking IP
§  Google App Engine

Specific Victim
§  A non-profit organization
§  A single host with many URLs
§  Our theory associates popular phrases within the URL address and page content with the attack rate
[Chart: Number of Attacks]

Specific Victim
§  52% of source IPs produce 80% of the traffic
[Chart: Source IP, 52%]

Specific Attacking IP
§  Comment spam posting from a specific IP
§  Rapid response (IP reputation feed) would have significantly reduced the impact of the attack
[Chart: Number of Attacks]

Specific Attacking IP
§  Five target websites were attacked from this source
§  Most had suffered a relatively high number of comment spam attacks
[Chart: Percentage of Traffic per Target. 1: 41%, 2: 25%, 3: 21%, 4: 11%, 5: 2%]

Specific Attacking IP
§  Hyperlinks in a single request are for different websites
§  Consecutive requests have similar hyperlinks
§  Using different URLs for the same website avoids bad reputation

Case Studies: Google App Engine
§  Google App Engine can be used to spread comment spam through proxy services
§  This technique can be used to bypass IP-based mitigations

Conclusion
§  Comment spam is a prosperous industry
•  Many tools and services are available for comment spam generation and distribution
§  Identifying the attacker as a comment spammer early on and blocking its requests prevents most of the malicious activity
•  Reputation-based controls are effective (IP / source application)
§  Reputation-based controls must be combined with some content-based controls to avoid false positives
§  Anti-automation and bot-detection controls can reduce the likelihood of an application becoming a target
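
A sketch of how the content rules, the "Specific Attacking IP" observations and a source reputation list can be combined into one decision, as an added example that is not from the original slides or from any Imperva product. The thresholds, the `CommentScreen` class, the verdict names and all sample IPs, domains and comments are constructed assumptions.

```python
import re
from collections import defaultdict, deque
from urllib.parse import urlsplit

URL_RE = re.compile(r"""https?://[^\s"'<>\])]+""", re.IGNORECASE)

# Assumed thresholds, for illustration only; tune them on your own traffic.
MAX_LINKS = 3         # content rule: "large number of links"
MAX_DOMAINS = 2       # one comment linking to several different websites
HISTORY = 5           # recent link-bearing comments remembered per source
REPEAT_OVERLAP = 0.5  # Jaccard overlap that counts as "similar hyperlinks"


def link_domains(text):
    """Return the hostname of every http(s) link found in a comment body."""
    hosts = []
    for url in URL_RE.findall(text):
        try:
            host = urlsplit(url).hostname
        except ValueError:          # malformed authority, e.g. an unclosed "["
            continue
        if host:
            hosts.append(host[4:] if host.startswith("www.") else host)
    return hosts


class CommentScreen:
    """Content inspection plus source reputation for submitted comments."""

    def __init__(self, listed_sources):
        self.listed = set(listed_sources)   # stands in for an IP reputation feed
        self.recent = defaultdict(lambda: deque(maxlen=HISTORY))

    def content_signals(self, source, text):
        hosts = link_domains(text)
        domains = set(hosts)
        signals = []
        if len(hosts) > MAX_LINKS:
            signals.append("many_links")
        if len(domains) > MAX_DOMAINS:
            signals.append("many_domains")
        # Compare by domain, not full URL: the case study notes that spammers
        # vary the URL for the same website between consecutive requests.
        for earlier in self.recent[source]:
            if len(domains & earlier) / len(domains | earlier) >= REPEAT_OVERLAP:
                signals.append("repeated_links")
                break
        if domains:
            self.recent[source].append(domains)
        return signals

    def decide(self, source, text):
        """Return (verdict, reasons); verdict is allow, moderate or block."""
        reasons = self.content_signals(source, text)
        listed = source in self.listed
        if listed:
            reasons.append("listed_source")
        # Reputation alone only sends the comment to manual review; blocking
        # needs a content signal as well, which limits false positives.
        if listed and len(reasons) > 1:
            return "block", reasons
        if reasons:
            return "moderate", reasons
        return "allow", reasons


# Constructed sample data: documentation-range IPs and .example domains.
LISTED = {"203.0.113.7"}
SAMPLE = [
    ("198.51.100.20", "Thanks, the section on CAPTCHA was useful."),
    ("198.51.100.21", "Related write-up: https://blog-a.example/post/42"),
    ("203.0.113.7", "Great post! http://shop-a.example/x1 "
                    "http://pills-b.example/p http://casino-c.example/win"),
    ("203.0.113.7", "Nice blog http://shop-a.example/x2 "
                    "http://pills-b.example/q http://casino-c.example/bonus"),
    ("203.0.113.7", "I agree with the author."),
    ("192.0.2.50", "See http://shop-a.example/a http://shop-a.example/b "
                   "http://shop-a.example/c http://shop-a.example/d"),
]


def screen_sample():
    screen = CommentScreen(LISTED)
    return [screen.decide(src, body) for src, body in SAMPLE]


if __name__ == "__main__":
    for (src, _), (verdict, reasons) in zip(SAMPLE, screen_sample()):
        print(src, verdict, reasons)
```

The link-free comment from the listed source is held for review rather than blocked, which is the false-positive case the conclusion warns about.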

Webinar Materials
Join Imperva LinkedIn Group, Imperva Data Security Direct, for…
§  Post-Webinar Discussions
§  Answers to Attendee Questions
§  Webinar Recording Link

www.imperva.com
