You may know Cloudflare as the company powering nearly 20% of the web. But powering and protecting websites and static content is only a fraction of what we do. In fact, well over half of the dynamic traffic on our network consists not of web pages, but of Application Programming Interface (API) traffic — the plumbing that makes technology work.

Businesses are currently witnessing improvements in cybersecurity capabilities, thanks to advancements in Artificial Intelligence (AI). However, the progress is accompanied by a parallel increase in the threat and sophistication of cyber-attacks, especially when the right event monitoring and threat detection tools are not utilized. Deloitte's latest research on security operations indicates that in 2023, 12.5% of businesses experienced more than one security event.

The OSPF (Open Shortest Path First) protocol belongs to a category of IP Routing protocols and serves as an Interior Gateway Protocol (IGP) designed for the Internet. It is employed to disseminate IP routing details across a solitary Autonomous System (AS) within an IP network.

The Sysdig Threat Research Team discovered techniques that allowed the AWS WAF to be bypassed using a specialized DOM event. Web Application Firewalls (WAFs) serve as the first line of defense for your web applications, acting as a filter between your application and incoming web traffic to protect against unauthorized or malicious activity. In this blog post, we will analyze one of the most commonly used Web Application Firewalls, the AWS WAF, and explain ways that allowed it to be bypassed.

Scientific progress in AI and downstream innovation to solve concrete real-world problems is part of a greater movement toward inventing Artificial General Intelligence (AGI). Broadly speaking, AGI is defined as an intelligent agent that can emulate and surpass human intelligence. Today, we are already familiar with incomplete forms of AGI: Despite these promising innovations moving from the scientific domain to consumer marketplaces, we are still far from achieving AGI.

Cyber threats are getting smarter and are going after businesses of all kinds. Your first line of defense against these threats should be network firewall security, which protects your private data and systems. By filtering data based on set security rules, firewalls create a wall between trusted internal networks and untrusted external ones. A study from Cybersecurity Ventures says that by 2025, cybercrime will cost the world $10.5 trillion every year.

As we all know, data security is a constantly evolving field, and it’s essential to keep up with the latest standards and requirements. And mark your calendars, because the current PCI DSS v3.2.1 is set to retire on March 31st, 2024. That’s right, the PCI Security Standards Council (SSC) has announced the release of the new and improved PCI DSS v4.0, and compliance with this updated version is mandatory for organizations to maintain data security.

My team and I were on a call with a customer who saw a critical need to secure access to his company’s cloud service provider (CSP) containers. Our conversation comes to mind often, because it reflects the fast-evolving nature of privileged access and what it takes to secure it in today’s complex IT environment. As we spoke, the customer stood out to me as a forward-thinking leader. His job: protect and enable an enterprise that is no stranger to the cloud.

Splunk Enterprise and Splunk Cloud Platform, along with the premium products that are built upon them, are open platforms, which allow third party products to query data within Splunk for further use case development. In this blog, we will cover using Amazon SageMaker as the ISV product using the data within Splunk to further develop a fraud detection use case to predict future risk scores.