15
Apr
2015
Incapsula’s New DDoS Downtime Calculator

Risk assessment is a critical part of any security strategy. Only by understanding the real risks associated with a given threat can you determine the most appropriate way to address them, as well as the right level of investment.

Incapsula’s new DDoS Downtime Calculator is designed to help you assess the risks associated with an attack, offering case-specific information adjusted to the realities of your organization...

Read more »

09
Apr
2015
Infrastructure Protection for Individual IP Addresses

Our third and final announcement for today is a new service that allows more organizations to benefit from Incapsula DDoS protection solutions.

This new feature overcomes an innate router limitation that restricts the deployment of BGP-enabled protection to users with at least an entire Class C IP subnet.

We expect that this newfound ability to will make Infrastructure Protection the go-to option for organizations with smaller networks looking for a robust, versatile, and cost-effective DDoS mitigation solution...

Read more »

09
Apr
2015
Incapsula Introduces Turnkey SIEM Integration

The second part of our enterprise-grade feature series is a new API package that provides turnkey SIEM integration with leading security information and event management (SIEM) systems, including HP ArcSight and McAfee Enterprise Security Manager.

This solution enables enterprises to effortlessly assimilate Incapsula’s security information into their SIEM systems, allowing them a near real-time snapshot of all important security-related information and events within their network...

Read more »

09
Apr
2015
New Feature Provides Live Information about DDoS Attacks

We are excited to announce the launch of three new enterprise-grade features that will help our client integrate Incapsula’s protection solutions into existing enterprise workflows.

The first of these upgrades is a monitoring and notification feature that provides new visibility options for our infrastructure protection customers, who use Incapsula-provided information in their incident response processes.

With this new feature our customers will benefit from real-time notifications about all types of DDoS attacks, regardless of protocol and service, enabling data-driven early response and mitigation...

Read more »

31
Mar
2015
Shotgun DDoS Attacks Originating from Anonymous Proxies

The idea behind these attacks is to leverage a large number of open proxies to turn a single-source DoS attack into a distributed one (DDoS), making it much harder to mitigate.

In such attacks, the perpetrator’s first step is to harvest a list of publicly available proxy servers, using a DYI script of one of many list or tools available online.

Next, using a modified version of DoS toolkit or homebrew DoS script the perpetrator sends out a slew of malicious request through each of the harvested IPs...

Read more »

30
Mar
2015
Analysis of Vikingdom DDoS Attacks on U.S. Government Sites

Over the past two weeks, a cyber vandalism group using the Twitter handle @Vikingdom2015 (currently suspended) has been targeting various high-profile U.S. federal and state government websites with DDoS attacks.

On March 18, during one of the initial attacks, one of @Vikingdom2015’s victims contacted Incapsula for assistance with mitigation. As soon as they on-boarded their website, we saw a DDoS attack targeting our Seattle PoP, peaking at ~8.74 Gbps and 2.4 million packets per second...

Read more »

26
Mar
2015
Announcing Four New Data Centers and Our First PoP in South America

Today we are excited to announce the parallel activation of four new data centers. These will enable us to further improve our worldwide service to clients in strategic regions.

Our new data centers are located in:

  • Sao Paulo, Brazil
  • Toronto, Canada
  • Warsaw, Poland
  • Madrid, Spain

This coordinated deployment brings the total number of Incapsula data centers to 25, thereby extending Incapsula's global coverage, improving its resilience to DDoS attacks, and further enhancing performance for all Incapsula content delivery network (CDN) clients.

Read more »

19
Mar
2015

Earlier today, The OpenSSL Project released an update to address a number of security flaws, including a new vulnerability classified as “high” severity. The versions of OpenSSL to be patched are 1.0.2, 1.0.1, 1.0.0 and 0.9.8. The high-severity vulnerability exists only in v1.0.2, according to the advisory.

This new high-severity vulnerability could be exploited to launch a denial-of-service (DoS) attack against a server by renegotiating an SSL connection with an invalid signature algorithm extension.

Incapsula is not using v1.0.2 of OpenSSL and as a result the new OpenSSL vulnerability has no impact on our network.

Moreover, since Incapsula terminates all SSL connections before passing them to origin servers, all Incapsula-protected domains are also secured by default, even before applying the patch on their end.

Read more »

11
Mar
2015
Meet Us at WHD.global 2015

In two weeks Incapsula team will be at WHD.global, one of world’s premier events for the hosting and cloud service industry.

The conference will take place on March 24-26 at Europa-Park in Rust, Germany. Incapsula will be exhibiting throughout the show at Booth G10.

Read more »