With a Billion Yahoo Accounts Exposed, Are We “Bot Bait”?

By Corinna Krueger

According to the Yahoo breach disclosure last week, about a billion people’s accounts were compromised in 2013, and these people have had their usernames, encrypted passwords and the security questions used to reset those passwords exposed for years.

“Once an attacker gains access to your email, he is you,” says Omri Iluz, our CEO at PerimeterX, in an interview with CNBC. And most will believe that attacker really is you.

December 21, 2016 account take over, ato, brute-force, yahoo-hack, and cnbc

Make gradual software deployment risk-free with a real-time CDN

By Or Guz

As originally published in TechBeacon

Giving a customer the ability to gradually roll out changes in your product can be a challenge.

See how we simplified the logic and leveraged our CDN's edge scripting language to create customer-specific control groups that can be used for A/B testing.

The next time you make a change to your website assets, you can feel safe knowing that you are in control.

December 20, 2016 cdn, fastly, gradual deployment, ab testing, and ab

Brute-Force Botnet Attacks Now Elude Volumetric Detection

By Amir Shaked and Inbar Raz

As originally published in Dark Reading.

Ask just about anyone the question “What distinguishes an automated (bot) session from a human-driven session?” and you'll almost always get the same first answer: “Speed.” And no wonder - it's our first intuition. Computers are just faster.

If you focus the question on credential brute-forcing, then it's even more intuitive. After all, the whole purpose of a brute-force attack is to cover as many options as possible, in the shortest possible time. Working quickly is just elementary, right?

Well, it turns out that this is not always the case.

December 19, 2016 botnet, brute-force, IOT, ATO, and account take over

How ‘hoarder’ bots steal sales from online retailers

By Inbar Raz

As originally published in Internet Retailer.

These malicious automated attackers continually add hot products to shopping carts, depleting the inventory an e-retailer believes it has available to ship.

December 16, 2016 hoarding, scalping, application layer denial of service, and e-commerce security

Zero-downtime deployment with Docker

By Eden Maslawi

In this post I will share the process we went through at PerimeterX while searching for ways to speed up our main application deployment, with no downtime.

December 05, 2016 ansible, docker, deployment, rolling update, and HAProxy socket commands