24
Nov
2014
Getting Your Site Ready for Cyber Monday: How to Use Incapsula to Optimize E-commerce Sitesy

Cyber Monday online sales topped $2 billion for the first time in 2013, coming in at $2.29 billion—another important milestone for the newest shopping holiday. By comparison, online sales for the elder Black Friday were a little more than half, at $1.2 billion.

Though the date is fast approaching, it’s not too late to optimize your e-store for the holiday rush. Let’s walk through how Incapsula can help you stay on top of your game come Cyber Monday and on through the remaining holiday season.

Read more »


12
Nov
2014
DoS Impact Survey - The Actual Cost of DDoS Attacks

During our work, we noticed that there's little understanding out there about exactly how DDoS attacks put businesses at risk. Some companies seem to ignore the risk altogether, while others know the danger is real, but are unsure exactly what that entails.

That's why we thought that it would be a good idea to show the actual impact that DDoS attacks can have on a business. With that in mind, we prepared our first DDoS Impact Survey...

Read more »

11
Nov
2014
Security Blueprints for Amazon Web Services (AWS)

Imperva, our parent company, has just launched its Cloud Reference Architect (CRA)—a framework for protecting web applications in infrastructure-as-a-service (IaaS) environments.

Using Imperva SecureSphere web application firewall (WAF) and complementary products from Incapsula and Skyfence, the new reference architecture provides blueprints (read: templates) for implementing web application security and DDoS protection layers within a public cloud.

Read more »

10
Nov
2014
Shellshock - 28 and some days later

As any security researcher will tell you, zero-days never die young. The reason is simple. Even when rapidly released, official patches are only useful for containment. Left unattended, some resources will remain vulnerable. . These might be some old WP templates using an older version of TimThumb or, in the case of Shellshock, a home router having an outdated Linux installation. One way or another, there are always stragglers for attackers to prey on.

Today, more than thirty days after Shellshock was officially disclosed, there are still plenty of them roaming around...

Read more »

31
Oct
2014

On Thursday, the Drupal Security Team issued a PSA on the Drupal 7 SQL injection vulnerability (SA-CORE-2014-005). The announcement underscores the importance of updating your server to Drupal 7.32.

Incapsula issued an update to our WAF rules on October 15 to protect against SA-CORE-2014-005. Customers who have the WAF enabled are protected against this vulnerability. To confirm SQL injection protection is on, log into your Incapsula account, go to Settings > WAF, and confirm that SQL Injection is set to Block Request.

Read more »

30
Oct
2014
New Data Center Goes Live in Stockholm Sweden

Today we are pleased to announce the activation of Incapsula’s latest data center in Stockholm, Sweden—located in the lucrative Telecity STO1 facility.

With this new point-of-presence (PoP), we’ve expanded our portfolio of connectivity routes to provide better performance to visitors in the Nordic region, Baltic countries, and Eastern Europe.

Read more »

29
Oct
2014
IncapRules - Fighting Comment Spam

IncapRules is a new custom security rules engine that lets you integrate your own policies on top of Incapsula’s core security logic. As we’ve discussed previously in this blog, the IncapRules scripting language is now being used globally by online organizations to gain complete and granular control over application security.

In this post, we’re going to cover how IncapRules can be applied to a prevalent security issue: comment spam.

Read more »

27
Oct
2014
How to Start Making a DDoS Response Plan

Some organizations exhibit strange behavior today when it comes to distributed denial of service (DDoS) attacks. DDoS assaults are becoming more common, increasingly sophisticated, and more costly all the time. Yet organizations continue to rely on the same dated firewall solutions they have always used to protect themselves.

It's clear they need a new strategy to update their DDoS response plan. However, developing such a plan can be a difficult proposition, particularly for organizations that have spent years ignoring the possibility of DDoS attacks.

This is where the Incapsula’s new DDoS Response Playbook can help.

This ebook is filled with useful guidance to help prepare your organization for the current threat landscape—no matter what your present DDoS mitigation strategy looks like. It also helps you in creating a plan if you don’t already have one.

Read more »