Name: How Applications are attacked - A year in application security
Start: 2023-09-27T14:00:00Z
End: 2023-09-27T14:00:47.000Z
Location: BrightTALK
Rating: 4.3

Cloudflare is a global network designed to make everything you connect to the Internet secure, private, fast, and reliable. We offer Application Security, CDN, DNS, DDoS Protection, SASE, Zero Trust, and Developer Services. Find out how we can help to build a better Internet. 

"Securing modern work across users, devices, applications, networks, and clouds has never been more complicated. In a recent Forrester Consulting study commissioned by Cloudflare, 39% of IT and security respondents admitted that their organizations have lost control over their digital environments due to complexity challenges. 

Lost digital control can have consequences on customer experiences, employee productivity, time to market, risk profile, and more. A new approach is needed to address this critical business challenge and help organizations avoid these pitfalls and restore control. 

In this webinar, guest speaker, Heath Mullins, Senior Analyst at Forrester, will present on the landscape of digital complexity. Attend this session to learn more about: 
Factors that contribute to loss of IT and security control
Business implications as a result of lost control  
How Cloudflare’s connectivity cloud helps manage the chaos"

Regain IT & Security Control: Cloudflare’s Connectivity Cloud Tames Complexity

Over the past year we’ve seen the rise in the use of AI bring about massive productivity and creativity increases, but also an increasing amount of security risk in the form of data exposure. However, AI is here to stay, and businesses and their security teams need to adapt to make sure teams can benefit from its capabilities, while limiting any potential risk. At the same time, in its evolving landscape, more and more developers are starting to integrate AI in business apps without optimizing for cost, performance or security.

Join us in this innovation driven session on AI and security, where we explore:

- The data security risks associated with employees using generative AI and their impact on companies.
- Strategies for balancing the data security risks and benefits of permitting users to employ generative AI safely.
- The tools available to help developers integrate AI into their applications while minimizing the risk of excessive cloud expenses and data exposure.

Generative AI Security: Balancing the risks and rewards of using AI

Western Health is the major healthcare provider to western Melbourne, one of the fastest growing and most diverse regions of Australia. In recent years, Western Health has partnered with Cloudflare’s connectivity cloud to modernize and consolidate its IT and security across its 11,000 employees and four public hospitals.

Join Cameron McBride (Director, Digital Technology Services, Western Health) and Fernando Serto (Field CTO, Cloudflare) in a conversation exploring this journey, including:

- How Western Health has strengthened its security posture with Zero Trust best practices
- What use cases Western Health has prioritized with practical guidance to achieve success
- How consolidating IT and security with a connectivity cloud is unlocking opportunities for digital transformation

How a leading healthcare provider mitigates risk and saves money with cloud

The threat landscape challenges cybersecurity practitioners everywhere, and preparation is a priority for leaders across the Asia-Pacific region. According to Foundry’s 2022 Security Priorities Study, 53% of APAC enterprises view preparedness in responding to security incidents as their #1 priority.  

A recent Cloudflare survey of more than 4,000 security decision-makers across the region shows that there’s still work to be done; less than half of respondents feel they were highly prepared to prevent security incidents. This despite 76% experiencing a greater number of incidents in the past 12 months. 

This CSO webinar – featuring Fernando Serto, Field Chief Technology Officer APJC of Cloudflare and Deepak Maharaj, Head of InfoSec Architecture, Engineering and PMO at AirAsia – will outline the state of cybersecurity priorities across the region, covering key business challenges while outlining areas of best practice.  

How can cybersecurity leaders address rising threat levels? How can they support business growth and protect their organisations at the same time? What are some key considerations for cybersecurity leaders when developing their 90-day plan? 

Our points of discussion

- Exploring the threat landscape across the region  
- Sharing challenges in effectively protecting enterprises 
- Outlining strategies for identifying vulnerabilities / Sharing common blind spots in threat detection 
- Exploring best practices, hiring diverse teams, setting goals

Securing Tomorrow: Top Cybersecurity Priorities in the Face of New Threats

Your employees work everywhere. Your physical locations span the globe. Your applications run on-prem, in the cloud, or likely some combination of both. 

IT teams are tasked with connecting everything, everyone, everywhere—all while meeting complex security and performance requirements. And legacy WANs just weren’t built for secure connectivity the way modern organizations need them to be. 

Join this webinar to learn about: 

- Simplifying branch and hybrid/multi-cloud connectivity
- Converging networking and Zero Trust security with SASE
- Scaling WAN performance while reducing costs
- How Cloudflare’s connectivity cloud is uniquely positioned to solve these challenges

Simplify the path to SASE with Magic WAN Connector

Nobody likes CAPTCHAs, and bots are getting past CAPTCHAs faster than humans. According to Forrester Research, 19% of US adults said that they abandon transactions because of a CAPTCHA. Cloudflare Bot Management provides a frustration-free, CAPTCHA-free web experience to your website visitors.

Join our experts as they discuss managing bots and abusive traffic. In this webinar, you’ll:

- See how legacy methods to stop bots provide a poor user experience, allow abusive traffic, and overwork IT teams
- Discover why 60,000 enterprises and small businesses are using the latest Bot Management capability: Turnstile 
- Learn about Cloudflare’s layered security model for bot management
- See how Cloudflare Bot Management stops bots and mitigates fraud with our Managed Challenge and Turnstile capabilities – without CAPTCHAs
- Watch Cloudflare Bot Management in action in a live demo

How to stop bots without CAPTCHAs

Join our upcoming webinar, as we delve into the dynamic landscape of cybersecurity challenges. This practical session is tailored for cybersecurity specialists of all calibers seeking actionable insights. Explore the intricacies of mitigating evolving application layer attacks through a comprehensive discussion, complete with real-world examples.

The webinar will feature a live dashboard demo showcasing cutting-edge security tools, providing participants with tangible solutions to bolster their defense strategies. Engage in a robust Q&A session to address specific concerns and glean expert advice for navigating the ever-evolving cybersecurity terrain.

Here is a summary of what will be covered in this webinar:

- Understanding the Landscape: Explore the current state of DDoS, bot, and application layer security threats.
- Real-world Scenarios: Delve into practical examples of recent attacks and their impact on organizations.
- Mitigation Strategies: Uncover effective countermeasures and mitigation techniques to enhance security posture.
- Live Demo: Witness a hands-on demonstration of state-of-the-art security tools through a comprehensive dashboard showcase.
- Q&A Session: Engage with our cybersecurity experts in a dynamic question and answer session to address your specific challenges and concerns.

Responding to evolving DDoS, bot and app security challenges: Facts & threats

The shift to SaaS-delivered corporate applications shows no signs of letting up — and pressure is growing on IT leaders to modernize corporate networks, simplify connectivity, and improve end-user experiences. In this session, we’ll discuss strategies for accomplishing all three. 

Join this live replay session from our flagship Connect event to learn: 

Why SD-WAN is not enough for modern work
What a SASE architecture looks like
How to roadmap your current state of connectivity to an end state of SASE

Making the journey from MPLS to SASE

The financial services industry continues to be a popular attack target, in large part due to the sensitive data and personal information financial institutions safeguard. These institutions are subjected to data scraping, credential stuffing, network intrusion attempts, and more — all while needing to provide fast, reliable service for their end-users and remain compliant with the strictest possible privacy and security regulations. 

Q2 delivers SaaS solutions for financial institutions. Cloudflare, a chosen partner of Q2, enables Q2 to bring their customers visibility across the threat landscape and potential attack vectors that are important to monitor. Join Q2 Principal Security Architect Josh Pena and Cloudflare Product Marketing Manager Catherine Newcomb to learn how SaaS platforms like Q2 can:

Use Cloudflare as a defense capability which creates an important differentiator with their own customers
Break down traditional complex IT barriers that impede threat visibility
Protect sensitive data and systems with modern tactics

How Cloudflare helps financial institutions improve visibility into threats

Modern knowledge workers spend the vast majority of their time leveraging cloud-based productivity tools like collaboration suites, email, chat, and now emerging AI tools like ChatGPT. As these SaaS and cloud apps are becoming increasingly essential, they have also increasingly become targets for data exfiltration by threat actors. 

In fact, 82% of breaches today involve data stored in cloud environments. The good news is Gartner says that 99% of cloud breaches are preventable misconfigurations or mistakes by end users. 

In this webinar, we’ll provide tangible use cases to modernize your data protection strategy and reduce your data risk with Cloudflare. Join to this session to learn: 

How CISOs can protect source code and secure opaque AI tools
Recommendations for improving data visibility, control, and compliance
Benefits of adopting a Zero Trust approach to mitigate modern data risks

Three recommendations to modernise your data protection with Cloudflare One

Welcome to Cloudflare CIO Week 2023!

This CIO Week we’ll demonstrate how Cloudflare is helping CIOs keep data, devices and employees both safe and fast across hybrid and remote environments. We’ll show how Cloudflare accelerates digital transformation and modernizes networking and security towards a Zero Trust model.

In this episode, tune in for a conversation with Cloudflare's CIO Juan Rodriguez, and Corey Mahan.

Tune in all week for more news, announcements, and thought-provoking discussions!

Fireside Chat with Juan Rodriguez Estevez

Many organizations store large, infrequently changing assets - videos, images, or large binary files on cloud provider networks for easy access. While this is more efficient and scalable than on-premises storage, anytime an asset is fetched from the origin server, an egress fee or “egress tax” is incurred. These egress fees can become a significant cost that is usually miscalculated or ignored during budgeting.

Cloudflare’s Cache Reserve helps minimize egress fees by reducing unnecessary origin egress and optimizing cache hit ratios.

Join us as we discuss:
- The limitations of legacy storage solutions
- Why cloud egress fees are a major "hidden charge" for organizations
- How Cloudflare CDN and Cache Reserve can help maximize savings and optimize performance
- A technical walkthrough of these solutions

Cache Reserve: Eliminating the Creeping Costs of Egress Fees

This webinar will explore the environmental impact of each hop in a packet’s journey across the Internet, from end user to application, and break down how organizations can reduce their carbon impact by migrating security and networking functions away from legacy hardware to the cloud.

Cloudflare takes a holistic and transparent approach to sustainability including publishing a yearly Impact Report, where they incorporate actions to contribute to a more sustainable internet. Through the report, Cloudflare showcases their commitment to advancing their mission, making a positive impact on billions of internet users worldwide.

How transitioning to cloudnative architecture improves security & sustainability

As a go-to productivity suite for many businesses, Microsoft 365 delivers excellent native security defenses to help teams collaborate and communicate safely. 

Over the years, built-in security for SaaS apps has improved to block some of the more common threats targeting organizations. However, bad actors are simultaneously evolving to become more evasive. Today’s attacks are increasingly more targeted and sophisticated with the ability to bypass native app security functionality. 

In this webinar, learn how layering a Zero Trust approach to enhance your Microsoft 365 security can proactively stop attacks and significantly minimize cyber threats like phishing, data exfiltration, account takeover, and more.

Join this session to:

Deep dive into how this joint solution targets Microsoft 365 security challenges and threats
Study the customer & vendor shared responsibility model for Microsoft security
Understand how Cloudflare Zero Trust services such as Area 1 Email Security, CASB, and Access can prevent, block, and isolate threats across Microsoft 365

Enhance your Microsoft 365 security with Cloudflare Zero Trust

Cyber Weekend delivers plenty of holiday cheer for customers and online retailers alike. Last year it delivered record revenues topping $68 billion in the US, and as much as $281 billion worldwide. 

A reliable, fast, and fair user experience is essential for a successful Cyber Weekend. However, many factors can stand in the way. Traffic spikes — a common occurrence in the holiday season where too many users can overwhelm your applications and infrastructure with legitimate traffic — can lead to slow performance or downtime. Add to that malicious automated traffic, from bots like Grinch bots that can hoard inventory, and the impact to your business outcomes is only made worse.

When used together, Cloudflare Bot Management and Waiting Room not only protect your site reliability but also enhance your customers’ shopping experience. Discover how you can safeguard your business from overwhelming traffic spikes and greedy Grinch bots, ensuring a smooth and successful holiday season.

In this webinar, you will learn how Cloudflare:
- Protects your services from sudden traffic spikes to ensure a fast and reliable end-user experience
- Prevents bad bots from hoarding inventory and overwhelming your site
- Can maximise your savings with our limited time offer

Strategies for handling traffic spikes and bot attacks

Cloudflare, along with Google and Amazon AWS, disclosed the existence of a novel zero-day vulnerability dubbed the “HTTP/2 Rapid Reset” attack. This attack exploits a weakness in the HTTP/2 protocol to generate enormous, hyper-volumetric Distributed Denial of Service (DDoS) attacks. Cloudflare has mitigated a barrage of these attacks in recent months, including an attack three times larger than any previous attack we’ve observed, which exceeded 201 million requests per second (rps). Since the end of August 2023, Cloudflare has mitigated more than 1,100 other attacks with over 10 million rps — and 184 attacks that were greater than our previous DDoS record of 71 million rps.

Learn about the HTTP/2 Rapid Reset flaw, the ongoing DDoS attack campaign, and best practices to protect your organization with Cloudflare CSO, Grant Bourzikas, and Cloudflare Field CTO, John Engates.

HTTP/2 Rapid Reset DDoS Attack Campaign

Whether you call them browser supply chain attacks, 3rd party dependency attacks, Magecart style attacks, or anything else, compromised JavaScript dependencies are hard to detect, even with the best security teams. Compromised dependencies, such as in an analytics plugin, a chatbot, or a credit card payment tool, can compromise your users’ security and data – not to mention run afoul of regulations like PCI DSS compliance. 

Join this session to see our client-side security in action and learn how to integrate defense against browser supply chain attacks into your app security posture to:

- Monitor and track 3rd party scripts loaded in your web apps 
- Alert on changes to those dependencies 
- Comply with client-side security requirements in regulations like PCI DSS

Defending against client-side browser attacks

Application programming interfaces (APIs) drive every aspect of business today — and their influence will only continue to grow--as will the risks they pose to business. Join us as John Engates and Saikrishna Chavali of Cloudflare explain what today’s business leaders need to understand about the benefits — and security concerns —associated with APIs. In this free one-hour webinar, moderated by business and technology journalist Wade Roush, you’ll learn:

● What APIs are.
● How APIs affect everything from transactions to mobile apps to supply-chain
relationships.
● What you need to know about potential data exposure from APIs.
● What to ask your security team about mitigating API risks.

APIs: Understanding the Business Benefits – and Risks

Cloudflare sees up to 61 million requests per second, meaning we have an unprecedented view into Internet trends like application attacks and API traffic, and automated bot activity. We have put that incredible visibility to use by profiling a year of attacks targeting the applications that run business.

Join Cloudflare Field CTO Trey Guinn and Product Marketing Director, Dan Gould, as they discuss key attacks that organizational security postures must account for such as: 

Most commonly mitigated attacks
The rise of brute force account takeover
How DDoS attacks compares to application attacks
The role of bad bots vs. verified bot traffic
Where API traffic fits in - and how attackers target APIs

How Applications are attacked - A year in application security

App Security

DDoS

APIs

API Management

API Security

DDoS Attacks

Cyber Attacks

API Traffic

Cloud computing has exploded over the past few years, delivering a previously unimagined level of workplace mobility and flexibility. The cloud computing community on BrightTALK is made up of thousands of engaged professionals learning from the latest cloud computing research and resources. Join the community to expand your cloud computing knowledge and have your questions answered in live sessions with industry experts and vendor representatives.

Cloud Computing

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

The data center management community focuses on the holistic management and optimization of the data center. From technologies such as virtualization and cloud computing to data center design, colocation, energy efficiency and monitoring, the BrightTALK data center management community provides the most up-to-date and engaging content from industry experts to better your infrastructure and operations. Engage with a community of your peers and industry experts by asking questions, rating presentations and participating in polls during webinars, all while you gain insight that will help you transform your infrastructure into a next generation data center.

Data Center Management

The application development community features top thought leadership focusing on optimal practices in software development, SDLC methodology, mobile app development and application development platforms and tools. Join top software engineers and coders as they cover emerging trends in everything from enterprise app development to developing for mobile platforms such as Android and iOS.

Application Development

Network infrastructure professionals understand that a reliable and secure infrastructure is crucial to enabling business execution. Join the network infrastructure community to interact with thousands of IT professionals. Browse hundreds of on-demand and live webinars and videos to learn about the latest trends in network computing, SDN, WAN optimization and more.

Network Infrastructure

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

How Applications are attacked - A year in application security

Presented by

About this talk

More from this channel