Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Starting on Aug 25, 2023, we started to notice some unusually big HTTP attacks hitting many of our customers. These attacks were detected and mitigated by our automated DDoS system. It was not long however, before they started to reach record breaking sizes — and eventually peaked just above 201 million requests per second. This was nearly 3x bigger than our previous biggest attack on record.

Earlier today, Cloudflare, along with Google and Amazon AWS, disclosed the existence of a novel zero-day vulnerability dubbed the “HTTP/2 Rapid Reset” attack. This attack exploits a weakness in the HTTP/2 protocol to generate enormous, hyper-volumetric Distributed Denial of Service (DDoS) attacks.

According to the recent The Cyber-Resilient CEO report released by IT services and consulting agency Accenture, a staggering 74% of CEOs have expressed concerns about their organizations' ability to protect their businesses from cyber attacks. This is despite the fact that 96% of CEOs acknowledge the importance of cybersecurity for the growth and stability of their organizations.

Modern cloud applications are made up of thousands of distributed services and resources that support an equally large volume of concurrent requests. This level of scale makes it more challenging for engineers to identify system failures before they lead to costly outages. System failures are often difficult to predict in cloud environments, and security threats add another layer of complexity.

Security orchestration, automation, and response (SOAR) has an opportunity to be a game changer in how we tackle cyber risk, but there is a significant disconnect between the promises made by existing SOAR platforms and how organizations are able to realize their real-world operational and cost-saving efficiencies. All those automations that promise to eliminate late hours working on mundane stuff. All the orchestrations that promise to get things done faster.

“Purpose-built does not scale.” That’s what IDC says in its latest research report “How Hyperautomation Is Used to Reduce Gaps and Inefficiencies in Network Cybersecurity.” What does that mean? It means that your monitoring point products, like legacy SOAR, just don’t cut it any longer. They can’t scale in today’s hybrid cloud and multi-cloud environments without piling on more tools, further fueling tech stack sprawl.

The AEC industry is heavily reliant on accurate and reliable information. Architects, engineers, builders, and owners all require instant access to data and documentation throughout the lifetime of a project, from inception to post-occupancy. In a project with numerous stakeholders, ensuring timely access to necessary information is crucial for all involved parties.

The nation’s capital—Washington, D.C., hosts over 700k+ individuals along the shared border of Maryland and Virginia; within Columbia, an estimated 86.9% of inhabitants can actively vote. The D.C. Board of Elections (DCBOE) is an autonomous group overseeing elections in the area. They manage the voter registration process and manage ballot access for the public. However, D.C. residents are under threat following a recent data breach.