As the COVID-19 pandemic continues to wreak havoc across the globe, cybercriminals are making matters worse by exploiting the crisis for their benefit. The US Department of Homeland Security, the Cybersecurity and Infrastructure Security Agency, and the UK’s National Cyber Security Centre recently issued a joint alert detailing the increase in COVID-19-related malicious cyber activity. The sudden and unanticipated surge in teleworking has further amplified the threat to people and organizations due to the increased use of potentially vulnerable services.
Even the most knowledgeable security professionals are finding it difficult to stay current with the multitude of increasingly sophisticated threats. With new attack vectors emerging through the exponential growth of web, mobile, and cloud-powered applications, businesses need to be alert and take proactive steps to protect themselves, their customers and their partners.
To bolster security and ensure that they’re using the cloud to its fullest potential, businesses should consider leveraging a next-generation web security solution like Reblaze, a web application and API security platform that provides protection via the clouds you already trust. Reblaze is a comprehensive, unified, easy-to-use platform that blocks all forms of hostile traffic. As a Google Cloud security partner, Reblaze is tightly integrated with Google Cloud Platform (GCP), leveraging products like Cloud Armor, Cloud Security Command Center, and BigQuery. Here are 5 ways to leverage Reblaze and GCP to boost security and protect your web assets:
1. Automate Your Web Security
Security frameworks built into public cloud platforms require user intervention to define security rules and keep them updated. This can be incredibly challenging, especially under the stress of an attack, because it requires users to analyze traffic logs and create complicated rulesets. It also requires users to be constantly vigilant and keep their rulesets updated as traffic patterns change. This all requires a level of security expertise and a time commitment that is not available to most organizations. To avoid the issues that come along with manual ruleset management, businesses should consider a solution that automates their cloud platform’s inherent security capabilities. GCP users seeking to get the most out of Cloud Armor, a robust distributed security framework built into GCP, can leverage Reblaze to convert Cloud Armor into an autonomous system that reacts immediately to every type of attack: Reblaze identifies hostile traffic, and Cloud Armor immediately blocks it at the edges. Every rule, signature, and policy defined by Reblaze is synced onto Cloud Armor.
2. Augment & Extend Built-In Security Products
While security products built into public cloud platforms are a necessary component of a good overall strategy, to get the most out of them, businesses should consider augmenting and extending their built-in security products for maximum protection. By implementing a fully integrated security layer on top of the built-in security, you can gain even more robust and comprehensive protection. For example, by augmenting built-in security with Reblaze, you can extend defensive capabilities to include bot mitigation, human behavioral analysis, scraping prevention, and more.
3. Implement Advanced Bot Detection
Robust bot detection should be a vital component of your security strategy, especially now as organizations are witnessing a surge in bot traffic related to the coronavirus pandemic. In February, 31.3 percent of eCommerce traffic was made up of malicious bots. Bots are responsible for a wide variety of mayhem including DDoS, credit card fraud, vulnerability scans (followed by breaches), API abuse, account hijacking, spreading misinformation and more. While most built-in security solutions can identify common bot attacks (such as simple volumetric DDoS), the latest generation of malicious bots are able to evade detection by mimicking human behavior. To detect more sophisticated bots—which make up an increasingly large percentage of internet traffic today—newer detection methods are required. Reblaze goes far beyond typical bot detection methods and utilizes machine learning to construct and maintain behavioral profiles of legitimate human visitors. For each user, Reblaze continually gathers and analyzes stats such as client-side I/O events, triggered by the user’s keyboard, mouse, scroll, touch, zoom, device orientation, movements, and more. Continuous multivariate analysis verifies that each user is indeed a legitimate human. These unique learning and adaptive capabilities allow Reblaze to identify and respond to malicious bots and other threats even as they become more sophisticated.
4. Secure Your APIs
With social distancing measures in place, people are spending even more time on their devices for work, play, and socializing. As a result, there has been increased activity on mobile web applications. With this increase, the potential for security breaches is heightened. Cyberattacks, such as DoS/DDoS attacks, authentication hijacking, data exposure, and injection attacks, can be performed via APIs, the communication protocol between an application and a website. APIs that are broken, exposed, or hacked can expose sensitive medical, financial, and/or personal data. APIs are an integral part of modern application environments. In fact, it’s estimated that the average organization manages over 300 APIs, many of which are exposed externally to customers and partners. Securing API endpoints from hostile usage is challenging because attacks aren’t necessarily detectable within incoming requests. When it comes to API security, typical approaches to web security aren’t always effective because many forms of API abuse are based on requests that appear to be legitimate. Considering that APIs are one of the fastest-growing attack targets, it is wise to invest in a security solution, like Reblaze, that offers a fully managed protective shield for APIs.
5. Enhance Security Visibility & Insights
Monitoring and display products built into public cloud platforms, like Cloud Security Command Center (Cloud SCC) on GCP, inherently provide a number of actionable security insights and make it easier to prevent, detect, and respond to threats. To leverage these capabilities for even deeper insights, pairing Cloud SCC with Reblaze adds the additional benefit of streaming data about dynamic security events. While most web security solutions track incoming traffic based on single-dimensional factors such as signatures and IP addresses, Reblaze goes beyond this and identifies attackers using multiple identifiers. Reblaze also adds a time dimension, maintaining a history for each requestor. By monitoring behaviors and resource consumption over time, Reblaze can enforce sophisticated time-based requirements: for example, limiting the amount of data consumption during a specific time.