Get In Touch
In our global world of business, organizations often have multiple branch offices spanning every country. Some of these branches are quite large with their own IT infrastructure and personnel, while some are very small with just a few employees. In the past, these branch offices were connected to the main office using MPLS or other connectivity in a hub-and-spoke topology. Today, however, many enterprises are adding local Internet break-outs to
Peak shopping season is just around the corner. Is your website prepared? Some websites slow down, and others simply crash, driving users (and revenue) away. Your website needs to accommodate a multitude of devices that will be accessing it, along with the potential for malicious attacks such as Bots and DDoS.
For almost 10 years, there has been a debate over mobile app versus mobile web. Which strategy is right for your business and will consumers really ever buy something with a mobile device? Some of these questions have been clearly answered with time, but some aspects of the debate continue.
The HTTP Archive is an open source project that tracks how the web is built. Twice a month it crawls 1.3 million web pages on desktop and emulated mobile devices, and collects technical information about each of the web pages. That information is then aggregated and made available in curated reports. The raw data is also made available via Google BigQuery, which makes answering interesting questions about the web accessible
On Wednesday, August 22nd, the Apache team patched another vulnerability in the Apache Struts2 framework. Apache Struts is an open-source web application framework for developing Java web applications. The vulnerability exists when these conditions are met: The alwaysSelectFullNamespace flag setting is set to true in the Struts configuration. The Struts configuration file contains an <action ...> tag that does not specify either the optional namespace attribute or a wildcard namespace.
In the first part of this blog post I wrote about how recursive DNS (rDNS) is an attack surface that many enterprises don't currently protect. Bad actors are exploiting that fact and developing advanced targeted threats that use DNS to bypass conventional security tools such as firewalls, secure web gateways and endpoint antivirus.
In the land behind the firewall, build a fortress in the cloud.
Many of our customers conducting business in Europe are concerned about how the new General Data Protection Regulation ("GDPR") impacts the ability to protect their organization's data, network and IT system resources. In particular, many worry that the requirements of GDPR will restrict their abilities to decrypt, analyze or log networking traffic for security purposes. However, enterprises needn't worry, as GDPR actually does permit these types of security controls.
In March 2017, Akamai released a post, "On Web Cache Deception Attacks". A presentation at the Black Hat conference by James Kettle from Port Swigger on web cache poisoning has recently raised awareness of cache poisoning. This is a class of vulnerability with a long history. Cache poisoning can be defended against by properly configuring caching controls on both customer sites and the Akamai platform. Customers should consult with their