Name: Credential Stuffing 101
Start: 2021-08-05T15:26:00Z
End: 2021-08-05T15:26:17.000Z
Location: BrightTALK

ThreatX is changing the way companies protect their web applications and APIs. Follow this channel for educational resources to help you get started or for more technical threat research coming your way from our researchers.

ThreatX is a WAAP platform built to minimize fine tuning. We go beyond signatures with our attacker-centric detection engineered to protect all your web applications and APIs with WAF, API security, bot management, and DDoS protection.

AppSec is entering a new era. Organizations are continuing to accumulate security debt and are facing a 35% rise in cybersecurity attacks due to the full-throttle digital transformation initiatives propelled by the pandemic. In a bid to ward off rising attacks, security teams are managing a complex combination of security tools and intelligence feeds. At the same time, attackers are getting more sophisticated and employing complex, mixed-mode attacks. The result is that security teams are dealing with too many products to manage, too many alerts to address, product and alert fatigue, and not enough time or resources to extract valuable insights from the data their tools generate.       The answer to overcoming security tool sprawl, taming product and alert fatigue, and defending against new attacks lies in a unified and attacker-centric approach to AppSec. In this new era, companies must defend themselves from a variety of attack types and tactics, and to do so whether their application is cloud-based, hybrid, mobile, or built on a monolithic or microservice architecture.   Doing so, however, can seem far from straightforward. Bret Settle, Chief Strategy Officer at ThreatX, and Diana Kelley, CTO of SecurityCurve will shine a light on how CISOs and security teams can build a full-spectrum approach fit for the rapidly evolving threat landscape.    Join them to hear:  - Why it’s key to focus on the attacker, rather then the attack  - Why a modern security platform needs to be more than the sum of its parts and ready for all types of threats  - Why your security platform must traditional threat detection, application and attacker profiling, anti-bot and automation capabilities, AND API and microservices architectures  - How to overcome common challenges when trying to balance app performance and availability with security  - Best practices to enable teams to focus on their real goal – delivering safe, reliable experiences for users and the organization  - And more

Battling the Rapidly Evolving Threat Landscape: Practical Insights

As web applications, APIs and their threats have evolved, it’s no secret that traditional WAFs have struggled to keep pace. Increasingly seen as the answer to complex and bloated WAF architecture, Web Application & API Protection (WAAP) is currently the subject of much exploration and debate. 

Contrary to popular belief, WAAP is not simply the next stage of WAF + API security, but a true evolution of modern application security. In this panel discussion, ThreatX’s Chief Product Officer, Tom Hickman, and ESG Senior Analyst John Grady are discussing why this is and sharing what a native, purpose-built WAAP solution can do for the digital-first business. From diving into how WAAP ‘done right’ can cover all deployments in hybrid and cloud architectures, to sharing how it can offer API-native protection that is also microservices and DevOps ready, join John and Tom to hear: 

- What defines a WAAP solution and what it offers that traditional WAFs don’t
- How WAAPs make full use of automation and intelligence to protect businesses from all types of threats - including bots, malicious automation and new DDoS and Layer 7 attacks 
- How WAAP “done right” can protect against multi-faceted attacks that combine all these elements in one sophisticated attack 
- The business outcomes that pivoting to a native, purpose-built WAAP solution can produce 
- WAF war stories that expose why the future of app security lays in WAAPs 
- And more

The Future of Web App Security: Essential Considerations for WAAP Success

Complex cyberthreats are one of the most rapidly evolving threat vectors that businesses face as we head into 2022. Attackers are constantly shapeshifting and reaping the rewards of an attack strategy that knows where tripwires and detection thresholds exist in DDoS and bot detection solutions. As organizations try to defend themselves using once-proven, automated responses to singular attack variants, they're finding that they’re actually more vulnerable than ever.   The key to getting ahead of the bad guys is twofold:  Understanding the myriad of threat types that lie below the tip of the cyberthreat “iceberg,” and Recognizing that attackers don’t conform to defense toolchain’s expectations.   Tom Hickman, Chief Product Officer, and Diana Kelley, CTO of Security Curve will dive into this iceberg of threats and explain how attackers are using this arsenal of attack types to access systems and avoid detection. Join us to learn:   - Common blends of tools and techniques that attackers are using to stay just below detection thresholds to penetrate defense perimeters  - Insights into how automated attack methods are being used for reconnaissance and exploitation  - Examples of how organizations are experiencing these attack patterns  - And more...

The Evolving Cyberthreat Landscape: Defending Against Complex Mixed-Mode Threats

Credential stuffing: what it is, how it's changing, and why ThreatX's attack-centric, behavior-based web application and API protection platform may be your best ally in the fight.

Credential Stuffing 101

credential stuffing

Application Security

Cyber Security

DDoS

Botnets

Bots

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

Credential Stuffing 101

Presented by

About this talk

ThreatX - Web App & API Protection