Trends in DDoS and Bots for 2019
Featuring Guest Speaker from IDC
What you will learn today
• How is DDoS evolving?
• Why should bot management also be part of your DDoS mitigation strategy?
• How Cloudflare helps you address these challenges
Today’s Speakers
Timothy Fong
Product Marketing Lead,
Security Solutions @
Cloudflare
Cathy Huang
Associate Research Director,
Services and Security @ IDC
Asia/Pacific
We are helping build a better Internet
Cloudflare Security Vision
Provide world-class visibility, controls, and guided configurations so that customers of any size and technical sophistication can keep their Internet property safe and secure without sacrificing speed and performance
A Global Anycast Network
• 165+ data centers globally
• 2.8B monthly active visitors generating 1.3 trillion page views
• 10% of Internet requests every day
• 8M requests/second
• 13M+ websites, apps & APIs in 150+ countries
• Speed up each request by 2x
We secure traffic end-to-end, providing a layered defense
[Diagram labels: Rate Limiting, SSL, L3/4 DDoS Protection, L7 DDoS Protection, Bot Management, WAF, DNS/DNSSEC, Argo Tunnel, Orbit, Spectrum, Workers, Access; groupings: Extend, Control; outcome: Request Passed!]
Factors increasing exposure to security risks
• Greater scrutiny by government and media around data, privacy and security
• Greater attack surface area from more public APIs, moving to the cloud, and increasing third-party integrations
• Stronger and more sophisticated attackers
IDC MarketScape: WW DDoS Prevention Solutions
IDC MarketScape vendor analysis model is designed to provide an overview of the competitive fitness of ICT suppliers in a given market. The research methodology utilizes a rigorous scoring methodology based on both qualitative and quantitative criteria that results in a single graphical illustration of each vendor’s position within a given market. The Capabilities score measures vendor product, go-to-market and business execution in the short-term. The Strategy score measures alignment of vendor strategies with customer requirements in a 3-5-year timeframe. Vendor market share is represented by the size of the icons.
Cloudflare is positioned as a Leader in the IDC MarketScape: Worldwide DDoS Prevention Solutions 2019 Assessment
According to IDC, Cloudflare Strengths are its "unique architecture" and "rapid on-boarding process which is considered one of the easiest and fastest in the industry."
Source: IDC MarketScape: Worldwide DDoS Prevention Solutions 2019 Vendor Assessment, by Martha Vazquez, March 2019, IDC #US43699318
Presenter Bio
© IDC
Cathy Huang
Associate Research Director, Services and Security, IDC Asia/Pacific
Cathy Huang is Associate Research Director for IDC’s Asia/Pacific Services Research Group and Asia/Pacific Security practice. Ms. Huang draws on her extensive industry experience and domain expertise across a broad range of ICT segments, such as security, IT and business services, and cloud, which have been developed from extensive research and consulting work across the Asia/Pacific (AP) region.
Asia -- Top Cyber Attack Target as well as Origin
▪ Asia is increasingly becoming a key target for DDoS and botnet attacks
Source: IDC IoT WW Spend, 2018 and various media clips, 2016-2018
46% of WW IoT spend comes from Asia/Pacific. Asia is not only a fast-growing market from the demand perspective for IoT, but also a key manufacturer of many IoT devices.
Top Trends in Today’s DDoS Attacks
▪ Volumetric attack; TCP exhaustion; Application layer; Multi-vector
▪ Volumetric to various types of DDoS attacks, e.g. TCP exhaustion, application layer, multi-vector
▪ IoT connected devices are becoming a major force behind DDoS attacks
▪ Highly profitable and low entry (e.g. Script Kiddies)
▪ Convergence of DDoS attack and fraud (e.g. targeting business logic)
Prominent Types of DDoS Attacks
Q. What type of attacks did you experience?
Source: IDC DDoS Prevention Survey, January 2018, n=140
● TCP exhaustion - focuses on web servers, firewalls, and load balancers to disrupt connections, thus exhausting the finite number of concurrent connections devices can support
● Application layer attacks (also known as Layer 7 attacks) -- specifically target weaknesses in an application or server with the goal of establishing a connection and exhausting it by monopolizing processes and transactions
● Multivector attacks combine volumetric attacks, stateful exhaustion attacks, and application-layer attacks
○ DDoS attacks with ransom requests
○ DDoS attacks as smoke screen
Over 50% of Respondents Had Been Attacked Between 1-10 Times in the Past Year
With Over 60% Attacks Lasting an Average of 0-10 Hours
Q. How frequently did your organization experience a DDoS attack in the past year?
Q. If you experienced a DDoS attack, on average, how long did the attack last?
Source: DDoS Prevention Survey, January 2018, IDC
[Charts: Frequency of Attacks; Duration of Attacks]
DDoS Attacks Target Business Logic
• Web & mobile application layer dealing with end users becomes a major target for cyber criminals (e.g. digital banking users, ticket/hotel online booking, or any digital services)
• Automation is now a key tool in the arsenal of cyber criminals to exploit the weakest links in the app layer, especially the payment gateways
• Digital transactions have grown exponentially across multiple industries
• Attackers are no longer only focusing on compromising credentials and breaching networks but are also targeting business logic
• Multi-vector attack -- DDoS attack as smokescreen
Business loss is caused not only by unavailability of services, but also by:
• Denial of profit: Enterprises denied their profit through fraud (e.g. during flash deals)
• Denial of customer satisfaction or diminished customer loyalty: Legitimate customers denied service, causing dissatisfaction (e.g. during promotions)
Adoption Trends in DDoS Mitigation Solutions
Q. Which type of DDoS mitigation solutions do you use?
Source: DDoS Prevention Survey, January 2018, IDC n=138 & IDC Security Services survey n=303
47% of organizations are using hybrid DDoS defense, which combines on-premise with cloud-based mitigation
Asia/Pacific organizations
are moving to the cloud and ;
on-prem in Asia/Pacific drops
by 20% in 3 years
Top Cybersecurity Objectives across Asia/Pacific
| Rank | Asia/Pacific | Specific Markets |
|---|---|---|
| Top 1 | Reduce the number of security incidents (38.6%) | South Korea (70%), Hong Kong (63%), Taiwan (57%), China (48%) |
| Top 2 | Comply with regulations (38.1%) | Australia (83%), New Zealand (60%), Philippines (50%), Singapore (47%) |
| Top 3 | Optimize security spending (37.3%) | India (50%), Malaysia (50%), Taiwan (47%), Philippines (43%) |

Q: Please select up to 5 cybersecurity objectives that your organization is pursuing over the next 12 to 18 months.
n = 402
Base = All Respondents
Source: IDC Asia/Pacific 2018 Digital Trust and Cybersecurity Economics Survey, January 2019, IDC
Leading DDoS Prevention and Mitigation Vendors
Q. What type of service provider and/or vendor does your organization use for DDoS prevention and mitigation? Please select all that apply.
Source: IDC MarketScape: Worldwide DDoS Prevention Solutions 2019 Vendor Assessment, March 2019
Organizations are turning to a variety of providers and vendors to assist with DDoS protection.
• Provide advanced value-added features and capabilities such as real-time monitoring, threat intelligence, web application firewall (WAF), advanced analytics, forensics, etc.
• Demonstrate pricing models that are flexible for the customer.
• Ensure flexible deployment options that work for the organization.
• Demonstrate quick onboarding methods.
• Provide expertise, support, and experience.
The CIOs’ Seven-Step Checklist for Internet Availability
▪ Get the facts. To assess the imminent risk and determine what action to take and, perhaps more importantly, communicate to senior management, you must determine who, what, where, when, and how at a broad level.
▪ Identify, friend or foe. With facts in hand, now you can determine whether your organization is a target, in line for collateral damage, or reasonably unaffected.
▪ Take action. If you haven't planned for an outage or the attack exceeds your capacity, your immediate response options are limited to network reconfiguration or isolation (e.g., pulling the plug).
▪ Spread the (accurate) word. With major outages, communication is key. Remember, there could be all sorts of rumors spreading that can only be addressed with specifics of the organization's plan.
▪ Kick the tires. Even if your organization is not the target, these are excellent real-world scenarios that allow organizations to work through their protection mechanisms as if they are affected.
▪ Watch your back. Perhaps the more insidious opportunity for attackers during big splashy failures like these is to execute targeted attacks undercover, using the event as a distraction.
▪ Be a good neighbor. In today's interconnected world, your technical presence on the internet affects others. Downstream liability due to perceived negligence is a budding concern for many.
Source: IDC #US41895416, Nov 2016, DNS DDoS Debacle: The CIO's Seven-Step Checklist for Internet Availability
Timothy Fong
Security Lead, Product Marketing Manager @ Cloudflare
Industry Legacy Scrubbing vs. Cloudflare Always-On
Industry Legacy Scrubbing
- Long propagation times (up to 300 sec)
- Asynchronous routing
- Adds significant latency
- Typically requires manual intervention
Always-On
- Zero propagation time
- Synchronous routing
- No added latency
- Immediate, automated mitigation,
with no “cut over” required
Cloudflare DDoS Solution
Protect Non HTTP Ports
Spectrum protects non-HTTP ports open to the Internet with the same distributed architecture
Custom Rate Limiting
Customers can tune Layer 7 protections to their specific applications and traffic profile through rate limiting rules.
Resilient DNS
Cloudflare’s resilient DNS protects customers from going down because their DNS is overwhelmed by a volumetric attack.
Always On DDoS
With automatic heuristics and a distributed Anycast network, Cloudflare’s Always On DDoS detects and mitigates Layer 3/4 and Layer 7 attacks at scale.
Cloudflare DDoS Differentiation
Easy Deployment
Easy to turn-on protections that mitigate within minutes and remain “always on” without requiring ongoing maintenance or configuration.
Integrated
Our integration with Bot Management and Firewall Rules gives additional capabilities from a single control plane.
Scale
As our network continues to grow, so does our capacity and data-driven insight to block attacks automatically.
Bot Management Use Cases
Credential Stuffing
Attempts to log into and take over a user’s account by automatically applying previously stolen account credentials
Content Scraping
Steals public information from a website
Content Spam
Adds malicious content to web properties such as forums and registration forms
Inventory Hoarding
Fraudulently purchases goods to deprive legitimate customers or resell for a higher price
Credit Card Stuffing
Tries to validate stolen credit cards to then make fraudulent purchases
Cloudflare Next Gen Bot Management
One-Click Deployment
● With a single click, deploy rules with Cloudflare recommended bot score thresholds
● No instrumentation with third-party JavaScript required
Control and Configurability
● Scope rules by path or URI pattern, request method, and bot score thresholds
● Select mitigation methods, such as log, CAPTCHA, or block
Rich Analytics and Logs
● Time-series graphs with drill-down tables
● Logs bot management rule, action, and rich request meta-data for every request
Detect and mitigate bad bots by leveraging intelligence from over 13 million Internet
properties. All with one click.
Cloudflare Bot Management Methods
Machine Learning
Cloudflare’s ML trains on a curated subset of 425 billion requests per day across 13M+ Internet properties to create a reliable “bot score” for every request.
Behavioral Analysis
Behavioral analysis detects anomalies in site-specific traffic, scoring every request on how different it is from the baseline.
Automatic Whitelist
Because not all bots are bad, the solution automatically maintains and updates a white list of "good" bots, such as those belonging to search engines.
Mobile SDK
The mobile SDK prevents attacks against mobile application APIs by impersonation and emulation bots.
Detection Protection
Cloudflare Bot Management Differentiation
Integrated
Cloudflare Bot Management is best-in-class as a stand-alone solution and as integrated with WAF, CDN and DDoS protection:
● Streamlines deployment by integrating with a CDN and smart routing for origin traffic.
● Shares control plane through UI and API with WAF and Firewall Rules for better consistency and lower context switching
● Gives a holistic view through common analytics and logs
Complete not Complex
Deploys a bot management solution against a full range of bot attacks with a single click:
● Deploys protections against content/price scraping, credential and credit card stuffing, content spam, and inventory hoarding -- all in one click.
● Fingerprints all traffic without requiring JavaScript injection
● Suggested rules work out-of-the-box. No fiddling and endless configuration required to get solid results
Smart Data
Cloudflare Bot Management leverages the
trillions of requests per day processed from
protecting 13M+ Internet properties:
● Machine learning trains on data curated
from 425B requests per day and analyzed
on a state-of-the-art GPU cluster
● Our data set contains traffic from over 150
countries
● Learnings from one website are
immediately applied to the whole network
Summary
• How DDoS is evolving
• Why should bot management also be part of your DDoS mitigation strategy
• How Cloudflare helps you address these challenges
Questions?
Thank You

Weitere ähnliche Inhalte

Mehr von Cloudflare

Network Transformation: What it is, and how it’s helping companies stay secur...
Network Transformation: What it is, and how it’s helping companies stay secur...Network Transformation: What it is, and how it’s helping companies stay secur...
Network Transformation: What it is, and how it’s helping companies stay secur...Cloudflare
 
Scaling service provider business with DDoS-mitigation-as-a-service
Scaling service provider business with DDoS-mitigation-as-a-serviceScaling service provider business with DDoS-mitigation-as-a-service
Scaling service provider business with DDoS-mitigation-as-a-serviceCloudflare
 
Application layer attack trends through the lens of Cloudflare data
Application layer attack trends through the lens of Cloudflare dataApplication layer attack trends through the lens of Cloudflare data
Application layer attack trends through the lens of Cloudflare dataCloudflare
 
Recent DDoS attack trends, and how you should respond
Recent DDoS attack trends, and how you should respondRecent DDoS attack trends, and how you should respond
Recent DDoS attack trends, and how you should respondCloudflare
 
Cybersecurity 2020 threat landscape and its implications (AMER)
Cybersecurity 2020 threat landscape and its implications (AMER)Cybersecurity 2020 threat landscape and its implications (AMER)
Cybersecurity 2020 threat landscape and its implications (AMER)Cloudflare
 
Strengthening security posture for modern-age SaaS providers
Strengthening security posture for modern-age SaaS providersStrengthening security posture for modern-age SaaS providers
Strengthening security posture for modern-age SaaS providersCloudflare
 
Kentik and Cloudflare Partner to Mitigate Advanced DDoS Attacks
Kentik and Cloudflare Partner to Mitigate Advanced DDoS AttacksKentik and Cloudflare Partner to Mitigate Advanced DDoS Attacks
Kentik and Cloudflare Partner to Mitigate Advanced DDoS AttacksCloudflare
 
Stopping DDoS Attacks in North America
Stopping DDoS Attacks in North AmericaStopping DDoS Attacks in North America
Stopping DDoS Attacks in North AmericaCloudflare
 
It’s 9AM... Do you know what’s happening on your network?
It’s 9AM... Do you know what’s happening on your network?It’s 9AM... Do you know what’s happening on your network?
It’s 9AM... Do you know what’s happening on your network?Cloudflare
 
Cyber security fundamentals (simplified chinese)
Cyber security fundamentals (simplified chinese)Cyber security fundamentals (simplified chinese)
Cyber security fundamentals (simplified chinese)Cloudflare
 
Bring speed and security to the intranet with cloudflare for teams
Bring speed and security to the intranet with cloudflare for teamsBring speed and security to the intranet with cloudflare for teams
Bring speed and security to the intranet with cloudflare for teamsCloudflare
 
Accelerate your digital transformation
Accelerate your digital transformationAccelerate your digital transformation
Accelerate your digital transformationCloudflare
 
Cyber security fundamentals (Cantonese)
Cyber security fundamentals (Cantonese)Cyber security fundamentals (Cantonese)
Cyber security fundamentals (Cantonese)Cloudflare
 
Cloudflareのソリューションを使用して悪意のあるBot対策
Cloudflareのソリューションを使用して悪意のあるBot対策Cloudflareのソリューションを使用して悪意のあるBot対策
Cloudflareのソリューションを使用して悪意のあるBot対策Cloudflare
 
Stopping DDoS Attacks In South Africa
Stopping DDoS Attacks In South AfricaStopping DDoS Attacks In South Africa
Stopping DDoS Attacks In South AfricaCloudflare
 
Cyber security fundamentals
Cyber security fundamentalsCyber security fundamentals
Cyber security fundamentalsCloudflare
 
Webinar - Cyber Security basics in Japanese
Webinar - Cyber Security basics in JapaneseWebinar - Cyber Security basics in Japanese
Webinar - Cyber Security basics in JapaneseCloudflare
 
How to Plan for Performance and Scale for Multiplayer Games
How to Plan for Performance and Scale for Multiplayer GamesHow to Plan for Performance and Scale for Multiplayer Games
How to Plan for Performance and Scale for Multiplayer GamesCloudflare
 
Fight bad bot on the internet
Fight bad bot on the internetFight bad bot on the internet
Fight bad bot on the internetCloudflare
 
How to Build a Practical and Cost-Effective Security Strategy
How to Build a Practical and Cost-Effective Security StrategyHow to Build a Practical and Cost-Effective Security Strategy
How to Build a Practical and Cost-Effective Security StrategyCloudflare
 

Mehr von Cloudflare (20)

Network Transformation: What it is, and how it’s helping companies stay secur...
Network Transformation: What it is, and how it’s helping companies stay secur...Network Transformation: What it is, and how it’s helping companies stay secur...
Network Transformation: What it is, and how it’s helping companies stay secur...
 
Scaling service provider business with DDoS-mitigation-as-a-service
Scaling service provider business with DDoS-mitigation-as-a-serviceScaling service provider business with DDoS-mitigation-as-a-service
Scaling service provider business with DDoS-mitigation-as-a-service
 
Application layer attack trends through the lens of Cloudflare data
Application layer attack trends through the lens of Cloudflare dataApplication layer attack trends through the lens of Cloudflare data
Application layer attack trends through the lens of Cloudflare data
 
Recent DDoS attack trends, and how you should respond
Recent DDoS attack trends, and how you should respondRecent DDoS attack trends, and how you should respond
Recent DDoS attack trends, and how you should respond
 
Cybersecurity 2020 threat landscape and its implications (AMER)
Cybersecurity 2020 threat landscape and its implications (AMER)Cybersecurity 2020 threat landscape and its implications (AMER)
Cybersecurity 2020 threat landscape and its implications (AMER)
 
Strengthening security posture for modern-age SaaS providers
Strengthening security posture for modern-age SaaS providersStrengthening security posture for modern-age SaaS providers
Strengthening security posture for modern-age SaaS providers
 
Kentik and Cloudflare Partner to Mitigate Advanced DDoS Attacks
Kentik and Cloudflare Partner to Mitigate Advanced DDoS AttacksKentik and Cloudflare Partner to Mitigate Advanced DDoS Attacks
Kentik and Cloudflare Partner to Mitigate Advanced DDoS Attacks
 
Stopping DDoS Attacks in North America
Stopping DDoS Attacks in North AmericaStopping DDoS Attacks in North America
Stopping DDoS Attacks in North America
 
It’s 9AM... Do you know what’s happening on your network?
It’s 9AM... Do you know what’s happening on your network?It’s 9AM... Do you know what’s happening on your network?
It’s 9AM... Do you know what’s happening on your network?
 
Cyber security fundamentals (simplified chinese)
Cyber security fundamentals (simplified chinese)Cyber security fundamentals (simplified chinese)
Cyber security fundamentals (simplified chinese)
 
Bring speed and security to the intranet with cloudflare for teams
Bring speed and security to the intranet with cloudflare for teamsBring speed and security to the intranet with cloudflare for teams
Bring speed and security to the intranet with cloudflare for teams
 
Accelerate your digital transformation
Accelerate your digital transformationAccelerate your digital transformation
Accelerate your digital transformation
 
Cyber security fundamentals (Cantonese)
Cyber security fundamentals (Cantonese)Cyber security fundamentals (Cantonese)
Cyber security fundamentals (Cantonese)
 
Cloudflareのソリューションを使用して悪意のあるBot対策
Cloudflareのソリューションを使用して悪意のあるBot対策Cloudflareのソリューションを使用して悪意のあるBot対策
Cloudflareのソリューションを使用して悪意のあるBot対策
 
Stopping DDoS Attacks In South Africa
Stopping DDoS Attacks In South AfricaStopping DDoS Attacks In South Africa
Stopping DDoS Attacks In South Africa
 
Cyber security fundamentals
Cyber security fundamentalsCyber security fundamentals
Cyber security fundamentals
 
Webinar - Cyber Security basics in Japanese
Webinar - Cyber Security basics in JapaneseWebinar - Cyber Security basics in Japanese
Webinar - Cyber Security basics in Japanese
 
How to Plan for Performance and Scale for Multiplayer Games
How to Plan for Performance and Scale for Multiplayer GamesHow to Plan for Performance and Scale for Multiplayer Games
How to Plan for Performance and Scale for Multiplayer Games
 
Fight bad bot on the internet
Fight bad bot on the internetFight bad bot on the internet
Fight bad bot on the internet
 
How to Build a Practical and Cost-Effective Security Strategy
How to Build a Practical and Cost-Effective Security StrategyHow to Build a Practical and Cost-Effective Security Strategy
How to Build a Practical and Cost-Effective Security Strategy
 

Kürzlich hochgeladen

DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsSergiu Bodiu
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupFlorian Wilhelm
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfAddepto
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024Stephanie Beckett
 
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostLeverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostZilliz
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Commit University
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Patryk Bandurski
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticscarlostorres15106
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Mattias Andersson
 
Commit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyCommit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyAlfredo García Lavilla
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubKalema Edgar
 
Training state-of-the-art general text embedding
Training state-of-the-art general text embeddingTraining state-of-the-art general text embedding
Training state-of-the-art general text embeddingZilliz
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machinePadma Pradeep
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):comworks
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenHervé Boutemy
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek SchlawackFwdays
 
Vertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsVertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsMiki Katsuragi
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationRidwan Fadjar
 
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Manik S Magar
 

Kürzlich hochgeladen (20)

DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platforms
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project Setup
 
Gen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdfGen AI in Business - Global Trends Report 2024.pdf
Gen AI in Business - Global Trends Report 2024.pdf
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024
 
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage CostLeverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
Leverage Zilliz Serverless - Up to 50X Saving for Your Vector Storage Cost
 
Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!Nell’iperspazio con Rocket: il Framework Web di Rust!
Nell’iperspazio con Rocket: il Framework Web di Rust!
 
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
Integration and Automation in Practice: CI/CD in Mule Integration and Automat...
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?
 
Commit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyCommit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easy
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding Club
 
Training state-of-the-art general text embedding
Training state-of-the-art general text embeddingTraining state-of-the-art general text embedding
Training state-of-the-art general text embedding
 
Install Stable Diffusion in windows machine
Install Stable Diffusion in windows machineInstall Stable Diffusion in windows machine
Install Stable Diffusion in windows machine
 
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptxE-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
E-Vehicle_Hacking_by_Parul Sharma_null_owasp.pptx
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):
 
DevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache MavenDevoxxFR 2024 Reproducible Builds with Apache Maven
DevoxxFR 2024 Reproducible Builds with Apache Maven
 
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
"Subclassing and Composition – A Pythonic Tour of Trade-Offs", Hynek Schlawack
 
Vertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsVertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering Tips
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 Presentation
 
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!
 

Trends in DDoS and Bots for 2019: Featuring Guest Speaker from IDC

  • 1. Trends in DDoS and Bots for 2019 Featuring Guest Speaker from IDC
  • 2. What you will learn today 2 How is DDoS evolving? Why should bot management also be part of your DDoS mitigation strategy? How Cloudflare helps you address these challenges
  • 3. Today’s Speakers Timothy Fong Product Marketing Lead, Security Solutions @ Cloudflare Cathy Huang Associate Research Director, Services and Security @ IDC Asia/Pacific
  • 4. We are helping build a better Internet
  • 5. Cloudflare Security Vision: Provide world-class visibility, controls, and guided configurations so that customers of any size and technical sophistication can keep their Internet property safe and secure without sacrificing speed and performance
  • 6. A Global Anycast Network: 165+ data centers globally; 2.8B monthly active visitors generating 1.3 trillion page views; 10% of Internet requests every day; 8M requests/second; 13M+ websites, apps & APIs in 150+ countries; speed up each request by 2x
  • 7. We secure traffic end-to-end, providing a layered defense: Rate Limiting, SSL, L3/4 DDoS Protection, L7 DDoS Protection, Bot Management, WAF, DNS/DNSSEC, Argo Tunnel; Orbit, Spectrum (EXTEND); Workers, Access (CONTROL). Request Passed!
  • 8. Factors increasing exposure to security risks Greater scrutiny by government and media around data, privacy and security Greater attack surface area from more public APIs, moving to the cloud, and increasing third-party integrations Stronger and more sophisticated attackers
  • 9. IDC MarketScape: WW DDoS Prevention Solutions. IDC MarketScape vendor analysis model is designed to provide an overview of the competitive fitness of ICT suppliers in a given market. The research methodology utilizes a rigorous scoring methodology based on both qualitative and quantitative criteria that results in a single graphical illustration of each vendor’s position within a given market. The Capabilities score measures vendor product, go-to-market and business execution in the short-term. The Strategy score measures alignment of vendor strategies with customer requirements in a 3-5-year timeframe. Vendor market share is represented by the size of the icons. Cloudflare is positioned as a Leader in the IDC MarketScape: Worldwide DDoS Prevention Solutions 2019 Assessment. According to IDC, Cloudflare Strengths are its "unique architecture" and "rapid on-boarding process which is considered one of the easiest and fastest in the industry." Source: IDC MarketScape: Worldwide DDoS Prevention Solutions 2019 Vendor Assessment, by Martha Vazquez, March 2019, IDC #US43699318
  • 10. Presenter Bio: Cathy Huang, Associate Research Director, Services and Security, IDC Asia/Pacific. Cathy Huang is Associate Research Director for IDC’s Asia/Pacific Services Research Group and Asia/Pacific Security practice. Ms. Huang draws on her extensive industry experience and domain expertise across a broad range of ICT segments, such as security, IT and business services, and cloud, which have been developed from extensive research and consulting work across the Asia/Pacific (AP) region. © IDC
  • 11. Asia -- Top Cyber Attack Target as well as Origin ▪ Asia is increasingly becoming a key target for DDoS and botnet attacks ▪ 46% of WW IoT spend comes from Asia/Pacific. Asia is not only a fast-growing market for IoT from the demand perspective, but also a key manufacturer of many IoT devices. Source: IDC IoT WW Spend, 2018 and various media clips, 2016-2018
  • 12. Top Trends in Today’s DDoS Attacks ▪ Volumetric attack; TCP exhaustion; application layer; multi-vector ▪ From volumetric to various types of DDoS attacks, e.g. TCP exhaustion, application layer, multi-vector ▪ IoT connected devices are becoming a major force behind DDoS attacks ▪ Highly profitable with a low barrier to entry (e.g. script kiddies) ▪ Convergence of DDoS attacks and fraud (e.g. targeting business logic)
  • 13. Prominent Types of DDoS Attacks. Q. What type of attacks did you experience? Source: IDC DDoS Prevention Survey, January 2018, n=140 ● TCP exhaustion -- focuses on web servers, firewalls, and load balancers to disrupt connections, thus exhausting the finite number of concurrent connections devices can support ● Application layer attacks (also known as Layer 7 attacks) -- specifically target weaknesses in an application or server with the goal of establishing a connection and exhausting it by monopolizing processes and transactions ● Multivector attacks -- combine volumetric attacks, stateful exhaustion attacks, and application-layer attacks ○ DDoS attacks with ransom requests ○ DDoS attacks as smoke screen
  • 14. Over 50% of Respondents Had Been Attacked Between 1-10 Times in the Past Year, With Over 60% of Attacks Lasting an Average of 0-10 Hours. Q. How frequently did your organization experience a DDoS attack in the past year? Q. If you experienced a DDoS attack, on average, how long did the attack last? Chart panels: Frequency of Attacks; Duration of Attacks. Source: DDoS Prevention Survey, January 2018, IDC
  • 15. DDoS Attacks Target Business Logic • The web and mobile application layer dealing with end users has become a major target for cyber criminals (e.g. digital banking users, ticket/hotel online booking, or any digital services) • Automation is now a key tool in the arsenal of cyber criminals to exploit the weakest links in the app layer, especially the payment gateways • Digital transactions have grown exponentially across multiple industries • Attackers are no longer only focusing on compromising credentials and breaching networks but are targeting business logic • Multi-vector attack -- DDoS attack as smokescreen. Business loss is caused not only by unavailability of services, but also by • Denial of profit: enterprises are denied their profit through fraud (e.g. during flash deals) • Denial of customer satisfaction or diminished customer loyalty: legitimate customers are denied service, causing dissatisfaction (e.g. during promotions)
  • 16. Adoption Trends in DDoS Mitigation Solutions. Q. Which type of DDoS mitigation solutions do you use? ▪ 47% of organizations are using hybrid DDoS defense, which combines on-premise with cloud-based mitigation ▪ Asia/Pacific organizations are moving to the cloud and ; on-prem in Asia/Pacific drops by 20% in 3 years. Source: DDoS Prevention Survey, January 2018, IDC n=138 & IDC Security Services survey n=303
  • 17. Top Cybersecurity Objectives across Asia/Pacific (Asia/Pacific overall, then specific markets) ▪ Top 1: Reduce the number of security incidents (38.6%); South Korea (70%), Hong Kong (63%), Taiwan (57%), China (48%) ▪ Top 2: Comply with regulations (38.1%); Australia (83%), New Zealand (60%), Philippines (50%), Singapore (47%) ▪ Top 3: Optimize security spending (37.3%); India (50%), Malaysia (50%), Taiwan (47%), Philippines (43%). Q: Please select up to 5 cybersecurity objectives that your organization is pursuing over the next 12 to 18 months. n = 402, Base = All Respondents. Source: IDC Asia/Pacific 2018 Digital Trust and Cybersecurity Economics Survey, January 2019, IDC
  • 18. Leading DDoS Prevention and Mitigation Vendors. Q. What type of service provider and/or vendor does your organization use for DDoS prevention and mitigation? Please select all that apply. Organizations are turning to a variety of providers and vendors to assist with DDoS protection. • Provide advanced value-added features and capabilities such as real-time monitoring, threat intelligence, web application firewall (WAF), advanced analytics, forensics, etc. • Demonstrate pricing models that are flexible for the customer. • Ensure flexible deployment options that work for the organization. • Demonstrate quick onboarding methods. • Provide expertise, support, and experience. Source: IDC MarketScape: Worldwide DDoS Prevention Solutions 2019 Vendor Assessment, March 2019
  • 19. The CIOs’ Seven-Step Checklist for Internet Availability ▪ Get the facts. To assess the imminent risk and determine what action to take and, perhaps more importantly, communicate to senior management, you must determine who, what, where, when, and how at a broad level. ▪ Identify, friend or foe. With facts in hand, now you can determine whether your organization is a target, in line for collateral damage, or reasonably unaffected. ▪ Take action. If you haven't planned for an outage or the attack exceeds your capacity, your immediate response options are limited to network reconfiguration or isolation (e.g., pulling the plug). ▪ Spread the (accurate) word. With major outages, communication is key. Remember, there could be all sorts of rumors spreading that can only be addressed with specifics of the organization's plan. ▪ Kick the tires. Even if your organization is not the target, these are excellent real-world scenarios that allow organizations to work through their protection mechanisms as if they are affected. ▪ Watch your back. Perhaps the more insidious opportunity for attackers during big splashy failures like these is to execute targeted attacks undercover, using the event as a distraction. ▪ Be a good neighbor. In today's interconnected world, your technical presence on the internet affects others. Downstream liability due to perceived negligence is a budding concern for many. Source: IDC #US41895416, Nov 2016, DNS DDoS Debacle: The CIO's Seven-Step Checklist for Internet Availability
  • 20. Timothy Fong Security Lead, Product Marketing Manager @ Cloudflare
  • 21. Industry Legacy Scrubbing vs. Cloudflare Always-On. Industry Legacy Scrubbing: - Long propagation times (up to 300 sec) - Asynchronous routing - Adds significant latency - Typically requires manual intervention. Always-On: - Zero propagation time - Synchronous routing - No added latency - Immediate, automated mitigation, with no “cut over” required
  • 22. Cloudflare DDoS Solution. Protect Non-HTTP Ports: Spectrum protects non-HTTP ports open to the Internet with the same distributed architecture. Custom Rate Limiting: Customers can tune Layer 7 protections to their specific applications and traffic profile through rate limiting rules. Resilient DNS: Cloudflare’s resilient DNS protects customers from going down because their DNS is overwhelmed by a volumetric attack. Always On DDoS: With automatic heuristics and a distributed Anycast network, Cloudflare’s Always On DDoS detects and mitigates Layer 3/4 and Layer 7 attacks at scale.
  • 23. Cloudflare DDoS Differentiation. Easy Deployment: Easy to turn on protections that mitigate within minutes and remain “always on” without requiring ongoing maintenance or configuration. Integrated: Our integration with Bot Management and Firewall Rules gives additional capabilities from a single control plane. Scale: As our network continues to grow, so does our capacity and data-driven insight to block attacks automatically.
  • 24. Bot Management Use Cases. Credential Stuffing: Attempts to log into and take over a user’s account by automatically applying previously stolen account credentials. Content Scraping: Steals public information from a website. Content Spam: Adds malicious content to web properties such as forums and registration forms. Inventory Hoarding: Fraudulently purchases goods to deprive legitimate customers or resell for a higher price. Credit Card Stuffing: Tries to validate stolen credit cards to then make fraudulent purchases.
  • 25. Cloudflare Next Gen Bot Management One-Click Deployment ● With a single click, deploy rules with Cloudflare recommended bot score thresholds ● No instrumentation with third-party JavaScript required Control and Configurability ● Scope rules by path or URI pattern, request method, and bot score thresholds ● Select mitigation methods, such as log, CAPTCHA, or block Rich Analytics and Logs ● Time-series graphs with drill-down tables ● Logs bot management rule, action, and rich request meta-data for every request Detect and mitigate bad bots by leveraging intelligence from over 13 million Internet properties. All with one click.
  • 26. Cloudflare Bot Management Methods (Detection, Protection). Machine Learning: Cloudflare’s ML trains on a curated subset of 425 billion requests per day across 13M+ Internet properties to create a reliable “bot score” for every request. Behavioral Analysis: Behavioral analysis detects anomalies in site-specific traffic, scoring every request on how different it is from the baseline. Automatic Whitelist: Because not all bots are bad, the solution automatically maintains and updates a white list of "good" bots, such as those belonging to search engines. Mobile SDK: The mobile SDK prevents attacks against mobile application APIs by impersonation and emulation bots.
  • 27. Cloudflare Bot Management Differentiation. Integrated: Cloudflare Bot Management is best-in-class as a stand-alone solution and as integrated with WAF, CDN and DDoS protection: ● Streamlines deployment by integrating with a CDN and smart routing for origin traffic. ● Shares control plane through UI and API with WAF and Firewall Rules for better consistency and lower context switching ● Gives a holistic view through common analytics and logs. Complete not Complex: Deploys a bot management solution against a full range of bot attacks with a single click: ● Deploys protections against content/price scraping, credential and credit card stuffing, content spam, and inventory hoarding -- all in one click. ● Fingerprints all traffic without requiring JavaScript injection ● Suggested rules work out of the box. No fiddling and endless configuration required to get solid results. Smart Data: Cloudflare Bot Management leverages the trillions of requests per day processed from protecting 13M+ Internet properties: ● Machine learning trains on data curated from 425B requests per day and analyzed on a state-of-the-art GPU cluster ● Our data set contains traffic from over 150 countries ● Learnings from one website are immediately applied to the whole network
  • 28. Summary: How DDoS is evolving. Why should bot management also be part of your DDoS mitigation strategy. How Cloudflare helps you address these challenges