Tales from the Front Lines
Tales from the Frontlines: API Sentinel Drives Security Collaboration
According to Gartner, there are as many as 40 vendors in the (fragmented) API security space. Many take the approach of targeting development with new variations of testing tools or ways to ...

Tales From the Front Lines: New Applications Protected in Just 33 Minutes
In this week’s blog, we will talk about two recent customer scenarios where the value of our no JavaScript or SDK approach became evident in minutes: when customers needed to prevent an ...
Tales From the Front Lines: Retail Customer Stops $200k Gift Card Fraud Scheme
Our standard customer engagement process is to deploy Bot Defense into a customer environment to prove our value. We are often deployed alongside an existing general-purpose bot mitigation solution, with the customer ...
Tales from the Front Lines: Retailer Prepares for Holiday Bot Battle in a Matter of Weeks
Following on the retail win posted previously, this week’s win is a clothing and home décor retailer that had an account takeover/credential validation challenge that their incumbent solution was unable to address ...
Tales from the Front Lines: Large Retailer Achieves Near Immediate Time-to-Value
One of our newest customers is a large, community-based retailer that had a mobile application and API account takeover problem. Roughly 12 months ago, they selected a JavaScript and SDK-based bot mitigation ...

Tales from the Front Lines: How Third-Party APIs Simplify Enumeration Attacks
As a mechanism to offload PCI risks, many retailers are now using third-party credit card processing for their online transactions. The retailer’s benefit is they are no longer handling the credit card ...
Tales from the Front Lines: Whitelist and Forget, A Cautionary Tale
Stopping attackers and their malicious intent is every security practitioner’s goal. But there are times when we need to grant unfettered access to network resources for day-to-day operations. Better known as whitelisting, ...

Tales from the Front Lines: Maintaining Detection Efficacy (and Your Cool) in the Summer Heat
In a previous blog, I talked about how the Covid-19 pandemic lockdown had corresponded to an increase in attack intensity. Since then, different parts of the country have begun to reopen, and ...
Tales from the Front Lines: Attackers Target APIs with GET-Based ATOs
This blog will describe how account takeovers (ATO) can be executed against APIs using GET methods, as opposed to POST. It’s an excellent example of how bad actors will analyze an application ...
Tales from the Frontlines: Increasingly Sophisticated Cat and Mouse Games
The last Tales from the Frontlines post focused on a single customer and the attack volume increase they experienced following the COVID-19 lockdown. In this installment, we will look at the increasingly ...