Tech Library is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

TECH DIGITAL RESOURCE LIBRARY

Signal Sciences

Signal Sciences is the leading next-gen WAF and RASP web application protection solution built to detect and stop attacks wherever you run your apps, APIs and microservices.

Our Website: https://www.signalsciences.com


Latest Content From Signal Sciences

Whitepaper: The DevOps Roadmap for Security

by Signal SciencesOct 02, 2019

DevOps is concerned with uniting two particular tribes: development and operations. These tribes have seemingly competing priorities: developers value features while operations value stability.

These contradictions are largely mitigated by DevOps. A strong argument could be made that the values of the security tribe--defensibility--could just as easily be brought into the fold, forming a triumvirate under the DevSecOps umbrella.

The security tribe's way forward is to find ways to unify with DevOps in four key areas:

• Create feedback loops
• Unite security and engineering culture
• Enable delivery velocity
• Treat everything as code

Download this eBook to learn how to extend the benefits of DevOps to security and how to embrace and implement modern DevSecOps principles, practices, and tooling.


Whitepaper: Detecting Account Takeovers and Defending your Users

by Signal SciencesOct 02, 2019

Organizations are under attack, but today's attacks aren't focused on attacking just servers - today's attacks focus on attacking your users. Account takeovers are on the rise, putting critical company data at risk. Learn about these attacks and how you can defend against them.

Download this whitepaper to learn:

• What are account takeovers?
• Why is account based security important?
• How do I detect account takeovers?
• How do most companies implement authentication?
• Where does AppSec fit in?
• Where do most authorization attacks come from?


Whitepaper: Identifying Web Attack Indicators

by Signal SciencesOct 02, 2019

Attackers are always looking for ways into web and mobile applications. The 2019 Verizon Data Breach Investigation Report listed web applications the number ONE vector attackers use when breaching organization.

In this paper, we examine malicious web requests for four of the most common web attack methods and show how to gain the context and visibility that is key to stopping these attacks.

Key Learnings:
• Four common web layer attack types: account takeover, API abuse, injection attacks, and business logic attacks
• Key attack indicators and steps to get ahead of attacks
• Best practices for improving web application security posture


Whitepaper: Modern Applications and Architectures Demand a New Web Application Firewall

by Signal SciencesOct 02, 2019

Changes in development models, architecture designs, and the infrastructure where we run applications over the past 5-10 years have made modern applications look nothing like they did a decade ago. So why are most companies still using legacy web application firewall (WAF) defenses that were not built for modern web applications?

In this whitepaper, learn how these changes have impacted the industry and what features you should be looking for in a modern WAF, including:

• How shifts from n-tier to microservices architectures have changed web application security
• The impact of 'tuning periods' on false positive rates
• Why legacy WAFs struggle with agile development
• How to stay secure across a modern infrastructure mix - including cloud, containers, web servers, and more


Whitepaper: DevSecOps: How to Grow Security's Influence

by Signal SciencesOct 02, 2019

By adopting DevSecOps practices, security is finding itself adding significant value to organizations, helping them move faster and safer by working with development and operations teams. Yet according to the SANS 2018 Survey Secure DevOps: Fact or Fiction?, adoption is still in its infancy, and most organizations have yet to realize the value that mature DevSecOps practices provide.

Download this white paper to learn how to:

• Begin or advance DevSecOps implementation in your organization
• Help security grow in both influence and effectiveness
• Identify resource misutilization
• Add telemetry and feedback loops
• Automate and monitor across the software pipeline
• Influence organizational culture