26
Aug
2015
How to Use Zendesk for Customer Service Automation

“The obstacle is the path” is one of the better-known Zen proverbs—one that invites us to view challenges as growth opportunities. This is a very healthy outlook to have when working in technical support, where problem solving and stress tolerance are part of the job description.

Thankfully, there are tech support tools to help you face your path-obstacles. One of these is Zendesk, a versatile platform that streamlines many of the customer service challenges in running a large-scale, multi-tier operation.

Here are some examples of how our own customer support teams use Zendesk to support various service quality policies and work processes...

Read more »


29
Jul
2015
12 Tips for Choosing a Data Center Location

Whether you’re only looking for half a cabinet or carefully laying down a cross-continental deployment strategy, choosing a data center is never a trivial task.

In fact, with most contracts signed for a pre-determined term, this is likely to be one of those make or break decisions that can either boost or cripple your business. Once the hardware is in place, relocating it is both complex and time consuming. As a result, implications of a wrong choice could stretch far further than the immediate loss on a bad investment.

To help you avoid these bad decisions, we present a list of tips for choosing a data center, drawing on lessons learned through years of worldwide server deployments.

Read more »

09
Jun
2015
Q2 2015 Global DDoS Threat Landscape: Assaults Resemble Advanced Persistent Threats

Distributed denial of service (DDoS) assaults continue to be a nuisance for online businesses and their customers. Worse, the downtime caused by attacks is costly for organizations and frustrating for consumers.

With no signs of abating, understanding the methods and capabilities of perpetrators is essential to maintaining good defenses.

In our Q2 2015 DDoS Global Threat Landscape Report we share unique research data, collected in the course of mitigating thousands of DDoS assaults against Imperva Incapsula-protected domains and network infrastructures.

Leveraging this large dataset, we are able to produce statistical research of DDoS events—one which provides a bird’s-eye view of the current state of the DDoS threat landscape, focusing on latest attack methods, attack frequency and duration patterns...

Read more »

26
May
2015
DD4BC's Latest DDoS Extortion Campaign Targets The Payment Industry

Over the past month, a number of Imperva Incapsula customers have received email threats from DD4BC—a DDoS group that, despite its boyband-sounding name, was actually responsible for several high-profile DDoS extortion attacks against bitcoin companies last year.

DD4BC's previous attacks targeted bitcoin exchanges and gaming sites, presumably due to the assumption that these types of businesses would refrain from reporting attacks to law enforcement authorities. Based on the recent threats we've seen, it would appear that DD4BC has also started targeting the payment industry...

Read more »

12
May
2015
Lax Security Opens the Door for Mass Scale Abuse of SOHO Routers

Small Office / Home Office (SOHO) router security has recently become a hot topic. For those who are unfamiliar with the situation, it can best be described as negligent, with ISPs, vendors, and users sharing a long tradition of disregarding basic security practices. The result of this negligence is the existence of hundreds of thousands—more likely millions—of hacker-controlled routers used to attack the Internet ecosystem and interconnected networks.

Several dozen Imperva Incapsula customers were recently targeted by one such DDoS botnet comprised of tens of thousands of hijacked routers. After informing the major companies involved, we are sharing attack details in an attempt to raise awareness about the dangers posed by under-secured, connected devices.

The attacks we will describe are enabled by what we perceive as particularly careless security practices. Many of these botnet devices remain active, continuing to play a role in attack attempts against our clients and other websites, even as this is being written...

Read more »

31
Mar
2015
Shotgun DDoS Attacks Originating from Anonymous Proxies

The idea behind these attacks is to leverage a large number of open proxies to turn a single-source DoS attack into a distributed one (DDoS), making it much harder to mitigate.

In such attacks, the perpetrator’s first step is to harvest a list of publicly available proxy servers, using a DYI script of one of many list or tools available online.

Next, using a modified version of DoS toolkit or homebrew DoS script the perpetrator sends out a slew of malicious request through each of the harvested IPs...

Read more »


05
Mar
2015
Why DDoSers Have Their Eyes on SaaS, and What You Can Do About It

In recent years Software as a Service (SaaS) emerged as one of the most targeted online industries. This isn’t particularly surprising as, for several key reasons, SaaS companies are especially vulnerable to DDoS attacks.

In this post we’ll talk about:

  • What makes SaaS companies so attractive to perpetrators
  • What are the typical DDoS threats SaaS companies have to face
  • Basic steps SaaS companies should take to minimize the threat
Read more »

26
Feb
2015
Layer 7 Visibility - Beyond the Buzzword

As a website operator you’ve probably heard vendors, including Incapsula, mention the benefits of layer 7 visibility. However, you may not have ever received a clear explanation as to why it is important to your organization.

In this post, we’ll go beyond buzzwords and delve into the advantages of layer 7 visibility as a DevOps tool used for load balancing and DDoS mitigation.

Read more »