Real-Time Event Monitoring
Under DDoS: Instant Access to Live Information

Disclaimer: The following is a description of an actual DDoS attack against one of Incapsula’s clients. To demonstrate
Incapsula’s new Real-Time reporting capabilities, this presentation makes use of actual screenshots and data from that
event. Some facts, like IP and URL addresses, were altered to preserve anonymity.
Incapsula
Maximum Security, Performance & Availability
Through an application-aware Global CDN platform,
Incapsula provides any website and web application with
best-of-breed Security, DDoS Protection, Load Balancing
& Failover solutions.

Incapsula’s Real-Time Event Monitoring feature supports
all of these services by providing Accurate Visibility of
Layer 7 Traffic Flow.
---------------------------------------------------------------------------------------------------------------------------------------

The following presentation uses data from an actual
DDoS attack to demonstrate some of the more typical
uses and benefits of Incapsula’s Real-Time Event
Monitoring capabilities.
It Starts with an Email Alert…
12:25:36 PM

The event starts with an email alert reporting suspicious activity on our client’s site.
Incapsula’s Automated DDoS Protection was activated.

Right now, the site is under attack.
Real-Time: First Evaluation
12:26:02 PM

Incapsula’s Real-Time Monitoring is the next “go-to” spot.
• Immediately you can see that Incapsula is blocking 515 malicious HTTP requests per
second, which amount to 86% of all incoming traffic.
• You can also see that response times of your servers are slightly higher than usual.
Real-Time: Servers’ Health & Activity
12:26:07 PM

Using one of the available view options, you can now drill down to get a better picture of
server health and load distribution.
Both servers are active and the load distribution is even, which is good.
The next step is to get more information about the DDoS offenders…
Real-Time: DDoS Offenders’ Identity
12:26:13 PM

The Session Report shown here provides you with the information you need.
You notice a suspiciously large chunk of traffic from outside the US.
There is also an abnormally high percentage of “Firefox” visitors. Although they use
browser user-agents, it looks like not all of them support JS or Cookies.
Real-Time: Tracking of Attackers’ Movement
12:26:27 PM

The adjusted More button provides you with additional information about the offenders’
activity.
When you use it to review the latest blocked sessions, you notice that they all share the
same Entry Point: “/blog/”, an inactive, auto-generated URL.
Real-Time: List of Attacking IPs
12:26:33 PM

By filtering the data stream to show only the Blocked traffic, you also get instant views of
the Top 5 attacking IPs.

The full list is accessible as well, with a click on the More button.
Real-Time: Instant Access to Live Actionable Data
Incapsula’s Real-Time Monitoring efficiently provides access to the most recent
information about security events, incoming traffic and servers’ activity.
In this case, literally in a matter of seconds, the website’s operator was able to collect
all of the information he needed to understand and react to the attack, including:
• Information about malicious traffic volumes
• Information about the attack’s impact on availability
• Status report of origin server health
• Overview of server load distribution
• Updated list of the spoofed user-agents
• Latest information about the attacker’s point-of-entry
• Updated list of attacking IPs
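
The same triage (blocked share, browser user-agents that lack JS or cookie support, a shared entry point, top attacking IPs) can be run over any exported session log. This is an added example, not part of the original presentation or of Incapsula's product; the CSV column names and every sample row are constructed assumptions, with IPs taken from documentation ranges.

```python
import csv
import io
import re
from collections import Counter

# Constructed sample sessions (not data from the incident). The column layout
# is an assumption for this example, not Incapsula's export format.
FF24 = "Mozilla/5.0 (Windows NT 6.1; rv:24.0) Gecko/20100101 Firefox/24.0"
FF17 = "Mozilla/5.0 (Windows NT 6.1; rv:17.0) Gecko/20100101 Firefox/17.0"
OPERA = "Opera/9.80 (Windows NT 6.1) Presto/2.12 Version/12.16"

SAMPLE = f"""\
ip,country,user_agent,js,cookies,entry_point,action
203.0.113.10,NL,{FF24},0,0,/blog/,blocked
203.0.113.10,NL,{FF24},0,0,/blog/,blocked
203.0.113.10,NL,{FF24},0,0,/blog/,blocked
203.0.113.11,FR,{FF24},0,0,/blog/,blocked
203.0.113.11,FR,{FF24},1,0,/blog/,blocked
198.51.100.7,US,{FF17},0,0,/blog/,blocked
198.51.100.8,US,{FF24},0,1,/blog/,blocked
192.0.2.20,US,{FF24},1,1,/,allowed
192.0.2.21,US,{OPERA},1,1,/products/,allowed
192.0.2.22,DE,{FF24},1,1,/,allowed
"""

BROWSER_TOKEN = re.compile(r"(Firefox|Chrome|Safari|Opera)/[\d.]+")


def load_sessions(text):
    """Parse the CSV text into dicts with boolean js/cookies capability flags."""
    sessions = []
    for row in csv.DictReader(io.StringIO(text)):
        row["js"] = row["js"] == "1"
        row["cookies"] = row["cookies"] == "1"
        sessions.append(row)
    return sessions


def browser_product(user_agent):
    """Return the browser product token the client claims, or None."""
    match = BROWSER_TOKEN.search(user_agent)
    return match.group(0) if match else None


def triage(sessions, home_country="US", top_n=5):
    """Summarise blocked traffic along the indicators the slides review."""
    if not sessions:
        raise ValueError("no sessions to analyse")
    blocked = [s for s in sessions if s["action"] == "blocked"]

    # A client that sends a browser user-agent but cannot run JS or keep
    # cookies is not the browser it claims to be.
    spoofed = Counter(
        browser_product(s["user_agent"])
        for s in blocked
        if browser_product(s["user_agent"]) and not (s["js"] and s["cookies"])
    )

    entry_points = {s["entry_point"] for s in blocked}
    foreign = sum(1 for s in blocked if s["country"] != home_country)

    return {
        "blocked_pct": round(100 * len(blocked) / len(sessions)),
        "foreign_pct": round(100 * foreign / len(blocked)) if blocked else 0,
        "spoofed_user_agents": spoofed.most_common(),
        # Only reported when every blocked session entered at the same URL.
        "shared_entry_point": entry_points.pop() if len(entry_points) == 1 else None,
        "top_ips": Counter(s["ip"] for s in blocked).most_common(top_n),
    }


if __name__ == "__main__":
    for key, value in triage(load_sessions(SAMPLE)).items():
        print(f"{key}: {value}")
```

Note that the allowed Firefox sessions in the sample pass both capability checks, so the user-agent string alone is not what separates them from the blocked ones.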
Real-Time: Enabling Data-Driven Decision Making
Incapsula’s Real-Time view provides accurate visibility into Layer 7 traffic.
Access to this live data enables data-driven decision making, as each piece of
data can be leveraged into tactical action that enriches and supplements Incapsula’s
automated DDoS Protection and Load Balancing solutions.
Explore this new screen to uncover more view options, which will support you through
a diverse array of security and server management scenarios…
Stay Safe
