By Corinna Krueger
As a result of the newly disclosed Yahoo breach last week about a billion people’s accounts have been compromised in 2013 , and these people have had their usernames, encrypted passwords and security questions to reset the passwords exposed for years.
“Once an attacker gains access to your email, he is you,” says Omri Iluz, our CEO at PerimeterX, in an interview with CNBC. And most will believe that attacker really is you.
December 21, 2016
account take over, ato, brute-force, yahoo-hack, and cnbc
By Or Guz
As originally published in TechBeacon
Giving a customer the ability to gradually roll out changes in your product can be a challenge.
See how we simplified the logic and leveraged our CDN's edge scripting language to create customer specific control groups that can be used for A/B testing.
The next time you make a change to your website assets you can feel safe knowing that you are in control.
December 20, 2016
cdn, fastly, gradual deployment, ab testing, and ab
By Amir Shaked
and Inbar Raz
As originally published in DARK Reading.
Ask just about anyone the question “What distinguishes an automated (bot) session from a human-driven session?” and you'll almost always get the same first answer: “Speed.” And no wonder - it's our first intuition. Computers are just faster.
If you focus the question on credential brute-forcing, then it's even more intuitive. After all, the whole purpose of a brute-force attack is to cover as many options as possible, in the shortest possible time. Working quickly is just elementary, right?
Well, it turns out that this is not always the case.
December 19, 2016
botnet, brute-force, IOT, ATO, and account take over
By Inbar Raz
As originally published in Internet Retailer.
These malicious automated attackers continually add hot products to shopping carts, depleting the inventory an e-retailer believes it has available to ship.
December 16, 2016
hoarding, scalping, application layer denial of service, and e-commerce security
By Eden Maslawi
In this post I will share the process we went through at PerimeterX while searching for ways to speed up our main application deployment, with no downtime.
December 05, 2016
ansible, docker, deployment, rolling update, and HAProxy socket commands