Join this webinar with guest speaker Cathy Huang, Associate Research Director for IDC’s Asia/Pacific Services Research Group and Cloudflare, recently named a Leader in the IDC MarketScape: Worldwide DDoS Prevention Solutions 2019 Vendor Assessment (Doc #US43699318, March 2019).
In this webinar, you will learn:
- Why defending against only volumetric layer 3 and 4 attacks will leave you vulnerable to other emerging DDoS attack vectors
- What economic and technological shifts are making DDoS more harmful and more evasive
- Why bot management should be considered in every DDoS mitigation strategy
- Which types of companies in APAC are highly targeted and why
Trends in DDoS and Bots for 2019: Featuring Guest Speaker from IDC
1. Trends in DDoS and Bots for 2019
Featuring Guest Speaker from IDC
2. What you will learn today
2
How is DDoS evolving? Why should bot
management also be part of
your DDoS mitigation
strategy?
How Cloudflare helps you
address these challenges
5. 5
Cloudflare Security Vision
Provide world-class visibility, controls, and guided
configurations so that customers of any size and technical
sophistication can keep their Internet property safe and
secure without sacrificing speed and performance
5
6. A Global Anycast Network
165+Data centers globally
2.8B
Monthly active visitors
generating 1.3 trillion
page view
10%Internet requests
everyday
8MRequests/second
websites, apps & APIs in
150+ countries
13M+
2x
Speed up each
request by
8. Factors increasing exposure to security risks
Greater scrutiny by
government and media
around data, privacy
and security
Greater attack surface area
from more public APIs, moving
to the cloud, and increasing
third-party integrations
Stronger and more
sophisticated attackers
9. IDC MarketScape: WW DDoS Prevention Solutions
IDC MarketScape vendor analysis model is designed to provide an overview of the competitive fitness of ICT suppliers in a given market. The research methodology utilizes a
rigorous scoring methodology based on both qualitative and quantitative criteria that results in a single graphical illustration of each vendor’s position within a given market. The
Capabilities score measures vendor product, go-to-market and business execution in the short-term. The Strategy score measures alignment of vendor strategies with customer
requirements in a 3-5-year timeframe. Vendor market share is represented by the size of the icons.
Cloudflare is positioned as a
Leader
in the IDC MarketScape:
Worldwide DDoS Prevention
Solutions 2019 Assessment
According to IDC, Cloudflare Strengths are its
"unique architecture" and "rapid on-boarding
process which is considered one of the easiest
and fastest in the industry."
Source: IDC MarketScape: Worldwide DDoS Prevention Solutions 2019
Vendor Assessment, by Martha Vazquez, March 2019, IDC
#US43699318
Report Link: here
15. 15
DDoS Attacks Target Business Logic
• Web & Mobile Application layer dealing with end-users becomes a major target for
cyber criminals (e.g. digital banking users, ticket/hotel online booking, or any digital
services)
• Automation is now a key tool in the arsenal of cyber criminals to exploit the weakest
links in the app layer especially the payment gateways
CREDIT
CARD
1234
9876
2345
7654
• Digital transactions have grown exponentially across multiple industries
• Attacker no longer only focusing on compromising credentials & breaching networks but targeting business logic
• Multi- vector attack -- DDoS attack as smokescreen
Business loss not only caused by unavailability of services , but also
• Denial of profit: Enterprises denied of their profit through fraud (e.g. during flash deals)
• Denial of customer satisfaction or diminished customer loyalty: Legitimate customers
denied service causing dissatisfaction ( e.g. during promotions)
21. Industry Legacy Scrubbing vs. Cloudflare Always-On
21
Industry Legacy Scrubbing
- Long propagation times (up to 300 sec)
- Asynchronous routing
- Adds significant latency
- Typically requires manual intervention
Always-On
- Zero propagation time
- Synchronous routing
- No added latency
- Immediate, automated mitigation,
with no “cut over” required
22. Cloudflare DDoS Solution
22
Protect Non HTTP Ports
Spectrum protects
non-HTTP ports open to
the Internet with the same
distributed architecture
Custom Rate Limiting
Customers can tune
Layer 7 protections to
their specific applications
and traffic profile
through rate limiting
rules.
Resilient DNS
Cloudlare’s resilient DNS
protects customers from
going down because
their DNS is
overwhelmed by a
volumetric attack.
Always On DDoS
With automatic
heuristics and a
distributed Anycast
network, Cloudflare’s
Always On DDoS detects
and mitigates Layer ¾
and Layer 7 attacks at
scale.
23. Cloudflare DDoS Differentiation
23
Easy Deployment
Easy to turn-on
protections that mitigate
within minutes and
remain “always on”
without requiring
ongoing maintenance or
configuration.
Integrated
Our integration with Bot
Management and
Firewall Rules gives
additional capabilities
from a single control
plane.
Scale
As our network
continues to grows, so
does our capacity and
data-driven insight to
block attacks
automatically.
24. Bot Management Use Cases
Attempts to log into and
take-over a user’s
account by automatically
applying previously
stolen account
credentials
Steals public information
from a website
Adds malicious content to
web properties such as
forums and registration
forms
Credential
Stuffing
Content
Scraping
Content
Spam
Fraudulently purchases
goods to deprive legitimate
customers or resell for a
higher price
Inventory
Hoarding
Credit Card
Stuffing
Tries to validate stolen
credit cards to then
make fraudulent
purchases
24
25. Cloudflare Next Gen Bot Management
One-Click Deployment
● With a single click, deploy rules with Cloudflare recommended bot score thresholds
● No instrumentation with third-party JavaScript required
Control and Configurability
● Scope rules by path or URI pattern, request method, and bot score thresholds
● Select mitigation methods, such as log, CAPTCHA, or block
Rich Analytics and Logs
● Time-series graphs with drill-down tables
● Logs bot management rule, action, and rich request meta-data for every request
Detect and mitigate bad bots by leveraging intelligence from over 13 million Internet
properties. All with one click.
26. Cloudflare Bot Management Methods
Machine Learning
Cloudflare’s ML trains on a curated
subset of
425 billion requests per day
across 13M+ Internet properties to
create a reliable “bot score” for
every request.
Behavioral Analysis
Behavioral analysis detects
anomalies in site-specific traffic,
scoring every request on how
different it is from the baseline.
Automatic Whitelist
Because not all bots are bad,
the solution automatically
maintains and updates a
white list of "good" bots, such
as those belonging to search
engines.
Mobile SDK
The mobile SDK prevents
attacks against mobile
application APIs by
impersonation and emulation
bots.
26
Detection Protection
27. Cloudflare Bot Management Differentiation
27
Integrated Complete not Complex
Cloudflare Bot Management is best-in-class as
a stand-alone solution and as integrated with
WAF, CDN and DDoS protection:
● Streamlines deployment by integrating
with a CDN and smart routing for origin
traffic.
● Shares control plane through UI and API
with WAF and Firewall Rules for better
consistency and lower context switching
● Gives a holistic view through common
analytics and logs
Deploys a bot management solution against a
full range of bot attacks with a single click:
● Deploys protections against content/price
scraping, credential and credit card
stuffing, content spam, and inventory
hoarding -- all in one click.
● Fingerprints all traffic without requiring
Javascript injection
● Suggested rules work out-of-the box. No
fiddling and endless configuration required
to get solid results
Smart Data
Cloudflare Bot Management leverages the
trillions of requests per day processed from
protecting 13M+ Internet properties:
● Machine learning trains on data curated
from 425B requests per day and analyzed
on a state-of-the-art GPU cluster
● Our data set contains traffic from over 150
countries
● Learnings from one website are
immediately applied to the whole network
28. Summary
28
How DDoS is evolving Why should bot
management also be part of
your DDoS mitigation
strategy
How Cloudflare helps you
address these challenges