Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Attacks/Breaches

7/23/2019
09:41 AM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Radware announces Detecting and Mitigating HTTPS Floods Without Decryption Keys

DefenseSSL(R) provides a keyless solution that accurately detects and mitigates HTTPS Floods.

MAHWAH, N.J., July 23, 2019 (GLOBE NEWSWIRE) -- Radware® (NASDAQ: RDWR), a leading provider of cyber security and application delivery solutions, today announced that its industry-leading SSL DDoS attack protection, DefenseSSL®, now features behavioral-based algorithms for keyless protection against HTTPS flood attacks.  For the first time, organizations have the scale needed to effectively mitigate HTTPS floods.

According to Google, the majority of internet traffic is now encrypted and accounts for more than 70% of internet pages. While SSL/TLS encryption is critical for many aspects of security, it also opens the door to a new generation of powerful distributed denial-of-service (DDoS) attacks. SSL/TLS connections require up to 15 times more resources from the destination server than of the requesting host, meaning that threat actors can launch devastating DDoS attacks using only a relatively small number of connections.  Radware’s keyless DDoS mitigation solution now makes it possible to protect from SSL-based HTTP DDoS attacks at scale without adding latency to customer communications, and while preserving user privacy and simplifying key management.  

Service providers and carriers serve many tenants on their network and provide them with cyber-attack protections. Due to their own security policies, network tenants cannot provide their decryption keys to the service provider’s or carrier’s network administrators, which leaves the providers or carriers vulnerable to HTTPS flood attacks.  With no decryption capabilities, service providers and carriers are left with no effective solution to provide HTTPS flood protection to their tenants. 

Radware’s Chief Marketing officer, Anna Convery-Pelletier, said, “Our new DefenseSSL capabilities support carriers and service providers in protecting themselves and their customers against HTTPS flood attacks even when they don’t have access to their tenants’ decryption keys. This unique capability eliminates the massive operational complexity that comes with managing decryption keys. Further, with this solution, enterprises have the flexibility to opt for the most suitable protection to match their needs. Enterprises that have access to decryption keys can still choose to use those keys to decrypt suspected traffic and increase the accuracy of their mitigation.”

Radware’s solution for keyless protection against HTTPS flood attacks is based on a stateless architecture. Traditional solutions are stateful and thus themselves vulnerable to DDoS attacks.  With advanced behavioral algorithms and the combination of rate-based and non-rate-based parameters, Radware can identify DDoS attacks over encrypted traffic, even without inspection of the traffic’s content.  Radware’s DefenseSSL functionality is currently available across its DefensePro advanced protection product suite.  For more information, please visit https://www.radware.com/solutions/ssl-attack-protection/.

About Radware
Radware® (NASDAQ: RDWR), is a global leader of cyber security and application delivery solutions for physical, cloud, and software defined data centers. Its award-winning solutions portfolio secures the digital experience by providing infrastructure, application, and corporate IT protection and availability services to enterprises globally. Radware’s solutions empower more than 12,500 enterprise and carrier customers worldwide to adapt to market challenges quickly, maintain business continuity and achieve maximum productivity while keeping costs down. For more information, please visit www.radware.com.

Radware encourages you to join our community and follow us on: FacebookLinkedInRadware BlogTwitterYouTubeRadware Connect app for iPhone® and our security center DDoSWarriors.com that provides a comprehensive analysis on DDoS attack tools, trends and threats.

©2019 Radware Ltd. All rights reserved. The Radware products and solutions mentioned in this press release are protected by trademarks, patents and pending patent applications of Radware in the U.S. and other countries. For more details please see: https://www.radware.com/LegalNotice/. All other trademarks and names are property of their respective owners.

Safe Harbor Statement 
This press release includes “forward-looking statements” within the meaning of the Private Securities Litigation Reform Act of 1995. Any statements made herein that are not statements of historical fact, including statements about Radware’s plans, outlook, beliefs or opinions, are forward-looking statements. Generally, forward-looking statements may be identified by words such as “believes,” “expects,” “anticipates,” “intends,” “estimates,” “plans,” and similar expressions or future or conditional verbs such as “will,” “should,” “would,” “may” and “could.” For example, when we say that “Radware’s DefenseSSL capabilities support carriers and service providers in protecting themselves and their customers against HTTPS flood attacks”, this is a forward-looking statement. Because such statements deal with future events, they are subject to various risks and uncertainties, and actual results, expressed or implied by such forward-looking statements, could differ materially from Radware’s current forecasts and estimates. Factors that could cause or contribute to such differences include, but are not limited to: outages, interruptions or delays in hosting services or our internal network system; undetected defects or errors in our products or a failure of our products to protect against malicious attacks; the ability of vendors to provide our hardware platforms and components for our main accessories; our ability to attract, train and retain highly qualified personnel; and other factors and risks over which we may have little or no control. This list is intended to identify only certain of the principal factors that could cause actual results to differ. For a more detailed description of the risks and uncertainties affecting Radware, refer to Radware’s Annual Report on Form 20-F, filed with the Securities and Exchange Commission (SEC) and the other risk factors discussed from time to time by Radware in reports filed with, or furnished to, the SEC. Forward-looking statements speak only as of the date on which they are made and, except as required by applicable law, Radware undertakes no commitment to revise or update any forward-looking statement in order to reflect events or circumstances after the date any such statement is made. Radware’s public filings are available from the SEC’s website at www.sec.gov or may be obtained on Radware’s website at www.radware.com.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
SOC 2s & Third-Party Assessments: How to Prevent Them from Being Used in a Data Breach Lawsuit
Beth Burgin Waller, Chair, Cybersecurity & Data Privacy Practice , Woods Rogers PLC,  12/5/2019
Navigating Security in the Cloud
Diya Jolly, Chief Product Officer, Okta,  12/4/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: This comment is waiting for review by our moderators.
Current Issue
Navigating the Deluge of Security Data
In this Tech Digest, Dark Reading shares the experiences of some top security practitioners as they navigate volumes of security data. We examine some examples of how enterprises can cull this data to find the clues they need.
Flash Poll
Rethinking Enterprise Data Defense
Rethinking Enterprise Data Defense
Frustrated with recurring intrusions and breaches, cybersecurity professionals are questioning some of the industrys conventional wisdom. Heres a look at what theyre thinking about.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-19698
PUBLISHED: 2019-12-10
marc-q libwav through 2017-04-20 has a NULL pointer dereference in wav_content_read() at libwav.c.
CVE-2019-4428
PUBLISHED: 2019-12-09
IBM Watson Assistant for IBM Cloud Pak for Data 1.0.0 through 1.3.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session....
CVE-2019-4611
PUBLISHED: 2019-12-09
IBM Planning Analytics 2.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 168519.
CVE-2019-4612
PUBLISHED: 2019-12-09
IBM Planning Analytics 2.0 is vulnerable to malicious file upload in the My Account Portal. Attackers can make use of this weakness and upload malicious executable files into the system and it can be sent to victim for performing further attacks. IBM X-Force ID: 168523.
CVE-2019-4621
PUBLISHED: 2019-12-09
IBM DataPower Gateway 7.6.0.0-7 throug 6.0.14 and 2018.4.1.0 through 2018.4.1.5 have a default administrator account that is enabled if the IPMI LAN channel is enabled. A remote attacker could use this account to gain unauthorised access to the BMC. IBM X-Force ID: 168883.