TRANSCRIPT
© 2013 Imperva, Inc. All rights reserved.
DDoS Attacks and Web Threats: How to Protect Your Site & Information
Tina Shaw
Account [email protected]
Hacking Tools
Low-Orbit Ion Cannon (LOIC)
• Purpose - DDoS
• Windows desktop application, coded in C#
• UDP/TCP/HTTP flooding
Hacker Forum Discussion Topics
DoS is Another Tool in the Hacker Toolbox
[Chart: share of hacker forum discussions by topic. Topics: spam, dos/ddos, SQL Injection, zero-day, shell code, brute-force, HTML Injection. Values shown: 16%, 22%, 19%, 10%, 12%, 12%, 9%.]
Source: Imperva. Covers July 2010 - July 2011 across 600,000 discussions
A 100GB attack (Sept 24th)
• Featured in eWeek on October 1, 2013
• The attack's load was distributed across our +350Gbps network.
(each color represents a different data center)
Imperva Incapsula Overview
Incapsula helps Website owners…
Imperva Incapsula
Simplicity
Flexibility
Versatility
Imperva Incapsula Overview
Versatility
“The idea of recognizing your strengths and using them in as versatile a way as you can is cool to me.” - Frank Ocean
Imperva’s
Tina^
Imperva Incapsula Versatility
By routing Website traffic through Incapsula, bad traffic is removed and good traffic is accelerated
• Web Application Firewall (WAF)
• Distributed Denial of Service (DDoS)
• Load Balancing
• Content Delivery Network (CDN)
Imperva Incapsula is Deployed as a Reverse Proxy Network
360° Global Threat Detection & Analysis:
Enables early detection of threats and attack vectors and instant application of protection rules across the entire proxy network
Incapsula’s Global Content Delivery Network
Datacenters
• Currently 15 Datacenters: USA (Asheville NC, Ashburn VA, Los Angeles CA, San Jose CA, Chicago IL, Miami FL, Dallas TX, New York NY), London, Singapore, Israel, Amsterdam, Tokyo, Frankfurt, Sydney
• Plans for another 4 Datacenters: Toronto, Hong Kong, Sao Paulo, and Milan
Data Across Borders
• Customer data can be locked into (or out of) specific countries
Simplicity
“Life is really simple, but we insist on making it complicated.” - Confucius
Security Tina Shaw!
The Activation Email (elapsed time: 20 sec)
Creating a User Account (elapsed time: 40 sec)
Logging into Incapsula and adding a website (elapsed time: 60 sec)
Incapsula Automatically Gathers Site Data (elapsed time: 1 min 5 sec)
Changing DNS Settings (elapsed time: 1 min 15 sec)
Getting Lost in Go Daddy’s Horrible UI (elapsed time: 6 min 15 sec)
Updating DNS Records (elapsed time: 8 min 15 sec)
Completing Incapsula’s Setup (elapsed time: 8 min 45 sec)
The Website is Protected (elapsed time: 9 Minutes - 5 Minutes; 4~5 Minutes)
Dashboard - Traffic
Dashboard - Traffic
Dashboard - Security
Dashboard - Performance
Dashboard – Datacenter Response Time
Dashboard – Recent Updates
Visits
Visits - More
Visits – Add to Whitelist
Settings - General
Settings – Login Protect
Settings - Performance
Settings - Performance
Settings - Notifications
Settings - Security
Settings - Security
Settings - WAF
Settings - WAF
Settings – WAF Whitelist
Settings – WAF Whitelist
Settings - Permissions
Flexible
“I like forms that are flexible, that can let you feel creative.” -John Scofield
Security Products
Tina Shaw!
^
Imperva Incapsula Customer Sample
Incapsula Makes Security Simple
Imperva Incapsula
Simplicity
Flexibility
Versatility
Questions?