Understanding Your Credential Stuffing Attack Surface

Understanding Your Credential Stuffing Attack Surface

01-07-2020Akamai Technologies DenmarkENWhitepaper
For any organization at risk for credential stuffing attacks, its ability to effectively mitigate these attacks will depend on more than the bot management vendor or solution you select. How your website is architected will play a critical role in the effectiveness of any security solution. 

To understand why, consider how these attacks work, and how security solutions protect against them. Credential stuffing attackers use botnets to automate the validation of stolen credentials against your application login. To separate automated bots from legitimate human users, today’s advanced bot detection technologies use JavaScript injection when protecting web pages and a mobile software development kit (SDK) when protecting APIs used by native mobile apps. Depending on how your website is architected and the types of clients that interact with it, your ability to minimize your attack surface could be limited. 

In this white paper, we explain what’s behind the architectural challenge to employing today’s bot management solutions effectively, the ideal website architecture to mitigate credential stuffing attacks successfully, and specific intermediate options to reduce your attack surface — along with the risks and limitations of each option.
registrering nødvendig

Ved download af dette whitepaper accepterer du, at leverandøren af whitepaperet kontakter dig på din oplyste e-mailadresse eller telefonnummer med yderligere information om leverandørens ydelser relateret til whitepaperet

Sorter efter:
 
Vis:

{{item.title}}

{{item.title}} {{item.published | date:'dd-MM-yyyy'}}{{item.supplier.fullName}}{{item.language}}{{item.class}}
 

Din whitepaper-konto

Opret en gratis whitepaper-konto hos Version2 og få direkte og nem adgang til alle dokumenter, whitepapers, rapporter, cases og webcasts

It-nyheder

Cloud-kaos presser danske virksomheder: »Vi er jo nærmest vokset op med, at det hele hedder Office eller Microsoft«

En genvindingsvirksomhed i Nordjylland er sat under pres efter nye anbefalinger fra Det Europæiske Databeskyttelsesråd. De er blot én af...

Frankrig beordrer tech-giganter til at betale digital skat

Det franske finansministerium har sendt meddelelser om kommende opkrævninger af digital skat til store teknologivirksomheder.

Regningen for Smittestop-app vokser med 1,4 millioner kroner

Det kommer til at koste 1,4 millioner kroner at holde Smittestop-appen kørende i de første tre måneder af 2021.

Blog: Er vi på vej mod en "EU-cloud"?

Det er nok ikke gået manges næse forbi, at der er nyt i Schrems II-sagaen i form af nye EU-vejledninger og standardklausuler/SCC’er. I...

Ritzau er stadig lammet efter it-angreb: Hackere kræver løsepenge

Tirsdag blev Nyhedsbureauet Ritzau ramt af et hackerangreb. Hackerne har efterfølgende krævet penge for at frigive data, men det har...

Whitepapers

Protect Your Online Business from Credential Stuffing

An attacker uses bots to continuously ping your website pages (usually the...
Understanding Your Credential Stuffing Attack Surface

Understanding Your Credential Stuffing Attack Surface

In this white paper, we explain what’s behind the architectural challenge to...

Which Bot Management Solution Is Right for You?

If you picked a website at random, what you’d find might surprise you. You...
Performance Characterization of Virtual NGFWs

Performance Characterization of Virtual NGFWs

Virtualization is rapidly transforming data centers into agile and...
Realistic Application Simulation for Enterprise Firewall Performance Testing

Realistic Application Simulation for Enterprise Firewall Performance Testing

It is challenging for enterprises to use 100% realistic test traffic to...
Firewall Performance Testing Use Cases in Lab and Production Networks

Firewall Performance Testing Use Cases in Lab and Production Networks

This whitepaper identifies the requirements and challenges of different...
Protecting Personal Data While Enhancing Customer Engagement

Protecting Personal Data While Enhancing Customer Engagement

Retailers need to develop ever-closer relationships with their customers...
State of the Internet / Security: Financial Services – Hostile Takeover Attempts

State of the Internet / Security: Financial Services – Hostile Takeover Attempts

High-value targets generally attract sophisticated criminals and attacks. This...
Order form InfoSecurity 2020 the 29th and 30th of April

Order form InfoSecurity 2020 the 29th and 30th of April

Priceline Reduces Access Control Costs While Providing Remote Workers Secure Access to Critical Resources

Priceline Reduces Access Control Costs While Providing Remote Workers Secure Access to Critical Resources

Use case: Priceline provides remote workers with secure, simplified access to...