Name: The Invisible Breach: How Modern Credential‑Stuffing Evades Your App‑Layer Defenses
Start: 2025-08-12T15:00:00Z
End: 2025-08-12T15:00:49.000Z
Location: BrightTALK
Rating: 4.9

Radware is a global leader of cyber security and application delivery solutions for physical, cloud, and software defined data centers. Its award-winning solutions portfolio secures the digital experience by providing infrastructure, application, and corporate IT protection and availability services to enterprises globally. Radware’s solutions empower enterprise and carrier customers worldwide to adapt to market challenges quickly, maintain business continuity and achieve maximum productivity while keeping costs down. For more information, please visit www.radware.com.

API’s vormen de basis van digitale communicatie tussen verschillende softwaretoepassingen, maar ze openen ook de deur voor geavanceerde aanvallen die traditionele tools niet kunnen stoppen.
Business Logic Attacks (BLA’s) misbruiken legitieme workflows, omzeilen WAF’s en gateways, en door het gebruik van AI worden ze nu nog gevaarlijker.

Schrijf je in voor een live sessie met Ronald Kruyt op 19 februari om 10:00 uur CET waarin je leert:
• Waarom API-aanvallen en BLA’s sneller groeien dan beveiligingsmaatregelen,
• Hoe aanvallers Business Logic en API-flows in real time misbruiken,
• Radware’s end-to-end aanpak, die runtime posture management combineert met AI-gedreven, geautomatiseerde protectie,
• Praktische stappen om API’s te beveiligen in hybride en cloud-native omgevingen.
Wacht niet op het volgende datalek: ontdek hoe je API’s kunt beschermen met doorlopende risicobeoordeling, real-time mitigatie en beveiliging gedurende de volledige levensduur.

API-beveiliging in een door AI gedreven wereld: Real-time bescherming tegen zogenoemde Business Logic Attacks (BLA)

APIs have become the new digital supply chain, connecting users, applications, and data across cloud and AI ecosystems. But this interconnectedness has opened a silent front in cybersecurity. Attackers are now exploiting misconfigurations, weak authentication, and business logic flaws to move laterally through trusted API pathways, often undetected by traditional defenses. 

In this session, we’ll explore the anatomy of modern API attacks, from data harvesting and token replay to business logic abuse and AI-assisted reconnaissance. We’ll also examine why traditional application security controls fall short, and how Radware delivers visibility, behavioral anomaly detection, and mitigation at scale. Understand how Radware detect and mitigates attacks on APIs without slowing innovation.

Unseen and Unchecked: The Hidden Risks Lurking in Your APIs

As IT managed services delivery has gone from break fix and local to proactive and global, revenue had grown exponentially. But with digital transformation and a broader MSP community has come inherent risk.

With 63% of channel partners saying they have had to change their tech stacks following a cyber issue, and with MSPs losing 17% of their customers in 2025 due to cybersecurity breaches, it is time we all face up to the new reality of being an MSP and delivering IT services to customers.

This webinar delves into the data on challenges and opportunities for MSPs today, how they can ensure they don't become a risk to clients, and what the next generation of cyber-first MSPs will look like.

From risk to revenue: The cyber-first MSP revolution

Los ataques ya no fuerzan la puerta: ahora explotan APIs y flujos autorizados para ejecutar fraude automatizado, desde secuestro de sesiones y transferencias encadenadas hasta abuso de límites, enrolamiento y pagos digitales. En este webcast exploraremos cómo los bots imitan usuarios reales, cómo la lógica de negocio se convierte en el principal vector de riesgo y qué tácticas permiten detectarlos sin fricción ni impacto en la experiencia del cliente legítimo.
Acompáñanos para ver casos reales y demostraciones en vivo de cómo identificar y mitigar este tipo de ataques antes de que se conviertan en pérdidas financieras.

Amenazas Críticas en APIs y Lógica de Negocio: Bienvenido a la Era de los Bots

[Video Upload] Amenazas Críticas en APIs y Lógica de Negocio: Bienvenido a la Era de los Bots

As generative AI fuels a wave of sophisticated cyberattacks and changes the threat landscape, from deepfake phishing to AI-powered botnets, traditional Security Operations Centers (SOCs) are reaching a breaking point. Alert fatigue, manual processes, talent shortages, and fragmented hybrid environments leave defenders at a constant disadvantage.

In this 30-minute fireside chat, we’ll explore how modern enterprises, MSSPs, and connectivity providers can fight back, by turning AI from a threat into a strategic asset. 
Join us for an engaging conversation on how AI-driven automation is transforming SOC operations, reducing Mean Time to Resolution (MTTR), and restoring control.

Discussion topics will include:

• How attackers are using GenAI to bypass traditional defenses at scale
• Why SOCs are struggling across industries - not just regulated sectors
• Real-world examples of AI-augmented threat detection and response
• Best practices for accelerating root cause analysis and streamlining lifecycle management

Whether you operate an enterprise SOC or deliver managed detection and response services, this session will offer actionable insights to modernize your security posture and stay ahead in an AI-accelerated threat landscape.

AI-Driven Cyber Resilience: Transforming SOC Operations for Modern Enterprises and MSSPs

Los ciberatacantes ya están usando inteligencia artificial para lanzar ataques más sofisticados que nunca: DDoS masivos, Bots indetectables y abusos de APIs. 
¿Cómo responder con la misma velocidad e inteligencia?
En este webinar descubrirás cómo enfrentar la IA atacante con IA defensiva, reduciendo drásticamente el tiempo de reparación y minimizando falsos positivos. 
Verás en vivo cómo detectar y mitigar ataques complejos, incluyendo una demo de Account Takeover (ATO) y otra de DDoS, con el SOC X AI actuando en tiempo real.
Acompáñanos y conoce cómo pasar de la reacción lenta a la defensa inteligente y automática.
¡Regístrate ahora!

IA vs IA: Controlando ataques avanzados

¿Estás listo para llevar tu oferta de seguridad al siguiente nivel? 
En este webinar descubrirás cómo transformar tu modelo de negocio con el enfoque MSSP de Radware, maximizando rentabilidad y diferenciación en el mercado. Ariremos la sesión con una visión estratégica sobre los desafíos actuales en la gestión de seguridad aplicativa y cómo los canales pueden aumentar sus márgenes y el valor percibido por sus clientes. Luego, tendremos una demostración técnica de la consola MSSP de Radware, incluyendo planes disponibles, integración vía API Keys y un ejemplo práctico. Finalmente, exploraremos la gestión de módulos CWAAP desde el tenant MSSP, destacando la autosuficiencia operativa y la facilidad de uso para operadores no certificados. 
¡No te lo pierdas!

Conecta con Radware y las soluciones que fortalecerán tu portafolio tecnológico

Transforma tu oferta de seguridad con el modelo MSSP de Radware

With the accelerating adoption of Gen AI, organizations are experiencing dramatic shifts in bot traffic patterns, often without full visibility into what’s hitting their infrastructure or how to effectively manage it.

In this webinar, we’ll explore the surge in AI-driven bot activity and explore AI-powered approaches to bot management and response. You’ll gain insights into:

The Rise of AI Crawlers: Why AI crawlers are exploding in volume, what the data reveals about current trends, and managing AI-driven bot traffic

AI-Powered Bot Detection & Mitigation: How Radware’s AI-powered bot protection ensures comprehensive protection from sophisticated, evasive bots

Intelligent Response and Analysis: Leveraging AI-based analysis to streamline bot incident response and accelerate mitigation of evolving threats for faster resolution

Whether you’re seeing unexplained traffic spikes, are concerned about resource consumption, or looking to strengthen your bot protection and response strategy, this session will provide actionable insights and practical approaches for managing the new reality of AI-driven bot traffic.

Managing AI-driven Bot Traffic: From Visibility to Response

[Hosted by Radware for the Health-ISAC]

Modern cyber threats are quietly reshaping the security landscape of
healthcare. In this session, I’ll unpack how attackers are leveraging AI-
driven automation, advanced evasion techniques, and business logic
abuse to target applications, APIs, and patient data. Drawing from
Radware’s Cyber Threat Intelligence, we’ll explore how threat actors are
adapting their methods to exploit healthcare-specific technologies—
from identity systems to third-party integrations. Attendees will gain
actionable insights into emerging attack patterns, evolving account
takeover strategies, and defense priorities to protect critical services,
ensure operational continuity, and safeguard patient trust.

Learning Objectives:

• Analyze emerging AI-driven attack patterns targeting healthcare
applications, APIs, and identity systems using insights from Radware’s
Cyber Threat Intelligence. 

• Understand how business logic abuse and account takeover
techniques are evolving to exploit healthcare-specific workflows and
third-party integrations. 

• Apply strategic defense measures to protect patient data, ensure
operational continuity, and secure critical digital services across
healthcare environments.

Unseen Scalpel: Precision Threats Targeting Healthcare’s Digital Core

As Web DDoS attacks surge in scale and sophistication, organizations are facing a new kind of threat — one that operates in the gray zones of application-layer traffic. These Layer 7 attacks are stealthy, persistent, and increasingly effective at bypassing traditional defenses like rate limiting and geo-blocking.
In this exclusive webinar, Radware is proud to host IDC, one of the most influential voices in the cybersecurity and IT research space. With unparalleled visibility into global threat trends and enterprise security strategies, IDC will share their latest insights into the rise of Web DDoS attacks, why they’re becoming more complex, and how attackers are exploiting blind spots in current protection models.

Join us to explore:

* The evolution of DDoS attacks from volumetric to application-layer
* Why Layer 7 attacks are harder to detect and mitigate
* The limitations of today’s security tools — and what’s needed next
* Real-world examples of how attackers are exploiting “gray zone” traffic
* IDC’s expert perspective on how enterprises should respond

Whether you're a security leader, IT strategist, or product owner, this session will equip you with the knowledge to rethink your DDoS defense strategy for 2025 and beyond.

Web DDoS in 2025: Why Attackers Know the Gray Zones Better Than You

Os ataques automatizados para assumir o controle de contas legítimas estão crescendo rapidamente na América Latina.
Hoje, os cibercriminosos não dependem apenas de senhas vazadas — eles utilizam bots sofisticados que imitam o comportamento humano, burlam controles de segurança e atacam diretamente suas aplicações e APIs.
Neste webinar, você vai entender como funcionam esses bots modernos e o que pode fazer para proteger suas aplicações contra essa ameaça silenciosa, porém poderosa.
Vamos abordar:
• A evolução dos ataques automatizados
• Tendências recentes e casos reais na região
• Como detectar e mitigar tentativas de takeover de conta com tecnologias avançadas
Além disso, realizaremos demonstrações práticas desses ataques e das técnicas de defesa mais eficazes.
Esperamos por você!

E se seus usuários não são humanos? Bem-vindos à era dos Bots

The telecommunications industry is undergoing a profound digital transformation driven by the need to deploy edge computing, 5G networks, and IoT applications and the requirement to deliver ultra-low latency services and superior customer experiences. This evolution, however, expands the attack surface for service providers and introduces new security challenges. Traditional security approaches often fall short when protecting dynamic, containerized environments, especially given rapid growth of API-based traffic.
This webinar will explore the growing threats that telco service providers face to infrastructure and applications, including API vulnerabilities and sophisticated DDoS attacks targeting core and edge networks. We will present the SUSE Rancher Prime + Radware Kubernetes Web Application and API Protection (KWAAP) solution, a Kubernetes-native, full-stack security framework that enables telcos to confidently deploy, scale, and secure Kubernetes environments across on-premises, hybrid, multi-cloud, and edge locations.
Discover how Radware's industry-leading application, API, and DDoS protection deliver highly accurate detection and mitigation with behavioral analysis and real-time signature generation, crucial for combating zero-day attacks. We will detail Radware's flexible deployment options, including distributed protection across large-scale interconnected networks and peak protection services with a global network of 19 scrubbing centers offering 12 Tbps of mitigation capacity for even the largest volumetric attacks. Complementing this, SUSE Rancher Prime provides centralized Kubernetes management and includes SUSE Security for deep runtime container security and policy enforcement, ensuring compliance and operational efficiency for your 5G and edge-native workloads. 
Learn how this joint solution reduces risk, accelerates DevSecOps, and maintains control over rapidly growing Kubernetes workloads without increasing operational overhead.

Infrastructure Protection in the Age of Edge Computing, 5G, and IoT

Over the recent years, Credential stuffing has quietly morphed from noisy password spraying into a surgical, multi stage business logic manipulation that spoofs devices and target APIs, often without ever triggering traditional bot defenses. Join Arik Atar, a Senior CTI Researcher, as he shares and explains his research findings. Drawn from Radware’s analysis of 100 advanced credential stuffing attack scripts on Q3 2025, this session lays bare the tactics that make modern account takeover campaigns almost invisible at the application layer. 

What You Will Learn
• Everything your security team should know: Behavioral and technical clues that expose cross device spoofing, BLA, and API attacks in real time.
• How do threat actors scan and map your application's business logic to manipulate their way into users' accounts?
• Leverage Radware Protections: How Radware’s Bot Manager, API Security, and Cloud WAF combine for end to end mitigation.
Who Should Attend
Application security owners, SOC analysts, fraud prevention teams, CISOs, and anyone tasked with safeguarding customer identities or high value digital assets.
Secure Your Seat
Spaces fill quickly—don’t miss this chance to out think a new generation of attackers before they monetize your users’ data. 
Register now and receive a complimentary executive summary of the full report.

The Invisible Breach: How Modern Credential‑Stuffing Evades Your App‑Layer Defenses

threat intelligence

cyber security

cyber threat

information security

Security

Cyber Attacks

Cloud computing has exploded over the past few years, delivering a previously unimagined level of workplace mobility and flexibility. The cloud computing community on BrightTALK is made up of thousands of engaged professionals learning from the latest cloud computing research and resources. Join the community to expand your cloud computing knowledge and have your questions answered in live sessions with industry experts and vendor representatives.

Cloud Computing

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

The data center management community focuses on the holistic management and optimization of the data center. From technologies such as virtualization and cloud computing to data center design, colocation, energy efficiency and monitoring, the BrightTALK data center management community provides the most up-to-date and engaging content from industry experts to better your infrastructure and operations. Engage with a community of your peers and industry experts by asking questions, rating presentations and participating in polls during webinars, all while you gain insight that will help you transform your infrastructure into a next generation data center.

Data Center Management

Join thousands of engaged IT professionals in the application management community on BrightTALK. Interact with your peers in relevant webinars and videos on the latest trends and best practices for application lifecycle management, application performance management and application development.

Application Management

Network infrastructure professionals understand that a reliable and secure infrastructure is crucial to enabling business execution. Join the network infrastructure community to interact with thousands of IT professionals. Browse hundreds of on-demand and live webinars and videos to learn about the latest trends in network computing, SDN, WAN optimization and more.

Network Infrastructure

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

The Invisible Breach: How Modern Credential‑Stuffing Evades Your App‑Layer Defenses

Presented by

About this talk

Radware