Blog

Performance, security, and scalability of your web applications are put to the test. Therefore, ensuring a smooth user experience, scalable and performant IT infrastructure with ultra-low latency, and protection against cybersecurity threats is a challenge for DevOps teams.

If your company does not have effective defense against zero-day attacks, it is not adequately protected on the web. One of the most crucial aspects of a Web Application Firewall (WAF) is its ability to mitigate threats that exploit new vulnerabilities, commonly referred to as "zero-day attacks", which are often unknown even to the developers of the affected software.

Establishing criteria to identify the best WAF solution is an exercise that can raise many doubts. After all, there are so many security providers and similarities that it really becomes difficult to decide which one to choose. If this is the challenge you are facing, we have separated seven questions whose answers will help you find the right path. Spanish: Establecer criterios para identific

Upgraded functionality will provide enhanced observability for applications, with powerful real-time visualization into performance, availability and security

We've reached the final stage of our Zero Trust journey. In this post, we'll discuss the critical components required to complete this journey and achieve a truly secure architecture.

Learn how to deploy on your e-commerce platform the same security measures used by the largest retailers, without the need to modify applications or impact business continuity.

In this blog post, we will go through the steps of system and application access management and control, where Zero Trust requirements are put into practice.

The third phase of the Zero Trust journey encompasses the identification of maturity, gaps, and potential risks associated with inventories, data flow, and work in the organization. Besides that, in this phase, minimal access privileges will be defined for each user, service, or device that requests access to an asset.

Setting up cipher suites for your applications on the edge has never been easier. Now you can do it in Real-Time Manager, Azion's graphical interface.

In this post, we revisit the main threat detection methods adopted by WAFs available on the market and discuss the advantages of adopting the Azion WAF to protect your applications from known and emerging threats and from zero-day exploits.

Do you find getting security certificates to protect your websites time-consuming and sometimes complicated? Now you can easily and quickly do it, with no bureaucracy and at no cost at Azion’s Edge Computing Platform—in a few minutes, you get a reliable and free TLS certificate issued by Let’s Encrypt.

Azion offers a new solution on its Marketplace to protect your origin and reduce the amount of data transferred: Limit Payload Size. With it, your application will be more secure and efficient.

In this post, we explain in detail this important step in the Zero Trust journey and the path to building inventories based on the National Institute of Standards and Technology (NIST) best practices.

Learn how mTLS can add an extra layer of trust to your applications and help you avoid common data theft attacks.

Send Event to Endpoint is a solution that allows Azion customers to transmit events from a request to an HTTP endpoint of their choice, providing better insights and data protection.

PCI DSS v4.0 establishes a new and important cybersecurity framework for companies in the payment card sector. By obtaining it, Azion can now serve them with the solidity they need.

The Request Variation Controller solution has just been added to the Azion Marketplace. In a few clicks, this solution makes your application more secure by monitoring and blocking suspicious requests based on variation control.

In the debut post of our series on how to simplify the adoption of a Zero Trust security model, we presented the planning steps needed before the implementation begins. One of the most complex steps listed in that article is the Zero Trust journey, which consists of four phases (preparation, planning, access control, and implementation) and encompasses several processes. Similarly to the other parts of this process, the Zero Trust journey can be simplified at many points, starting with the preparation phase, which will be covered in this blog post.

Prevention is more important than trying to stop a leak when it's already happening, which is why solutions such as Data Loss Prevention (DLP) are shown as one of the resources that provide more visibility and protection for data currently.

This blog post is the first in a series that will discuss how to simplify the adoption of the zero trust model. If you are not familiar with this concept, we recommend that you start by reading about the zero trust economy and architecture. However, those who are already familiar with the topic know that implementing a zero trust security model can be challenging.

Understand how the attack occurs, and see test results that prove once again the efficacy of Azion's WAF in protecting our customers from zero-day threats.

The concept goes beyond network access control and applies to other aspects of your operation, like data access control, as data is increasingly targeted by cybercriminals.

The digital revolution world we live, where the adoption and the continuous change of technologies such as AI, IoT, 5G or the exponential increase of mobile devices are fast, the challenges of cybersecurity for organizations are increasingly important.

In this post about web application firewall (WAF), we list its ability to combat the OWASP Top 10 security risks as one of the major benefits (and requirements) of this type of solution. OWASP Top 10  is a project conducted by the OWASP® Foundation with the collaboration of security experts and web application developers used as a reference by security experts and companies around the world.

In this article, you will discover how edge computing can help banks in this constant modernization, also making it easier for the developers working on companies in the banking industry. Check five major benefits this technological infrastructure offers the sector.

Edge computing is a key component for modernizing web applications and accelerating digital transformation. However, those who are not familiar with this technology often have doubts about how much it can contribute to businesses. Even managers who have small IT teams and budgets sometimes do not know if its implementation is financially viable.

The edge is where the hyperconnected society expresses itself most clearly today. Thus, it's essential to understand how money flows through it and how to protect that money. This article analyzes the evolution of banking cybersecurity at the edge. Join us!

In a previous article, we discussed the importance of the Domain Name System (DNS), a hierarchical structure that works like a "phone book" for the Internet, and DNSSEC, a set of security extensions for the original DNS specification designed to make it harder for criminals to execute cyberattacks. In this article, we will talk about how DNSSEC works on Azion's Edge Computing Platform and how you can enable it to add an extra layer of protection for your websites and applications.

Developing innovative financial solutions entails many challenges. On the one hand, fighting fraud and compliance risks illustrates security's complexity. But on the other hand, performance and user experience are increasingly intrinsic to customer satisfaction. However, Justa has simplified the way to overcome them without giving up agility and focus on innovation.

DNSSEC (Domain Name System Security Extensions) is a set of extensions for the original DNS specification. They add security features to a service that is one of the cornerstones of the Internet, making it harder to execute attacks that may harm users, whether individuals or companies.

Recently, Team82, the security research team from Claroty, introduced a generic bypass of multiple web application firewalls sold by several popular vendors. The findings were presented during the Black Hat Europe 2022 conference in London.

Earlier this year, we provided customers with added assurance for the security of our platform with SOC 2 Type 2 compliance. And today, we are pleased to announce that our customers can request access to this independent audit of our security and availability controls with the attainment of our SOC 3 report.

For many CISOs and other security professionals today, the decision to move to zero trust is an easy one—the question that remains is how to get there. This blog will explain the components and reference architecture needed for effective zero trust security, examine the barriers to implementation, and discuss how the right vendor can help simplify integration and reduce costs.

Find out how Azion's edge computing technology gives APIs a superior level of protection and integrity.

Have you ever wanted to control access to your application so that users can only access it during a certain period of the day? Azion has a new feature that can help you solve this problem: the edge function Scheduled Blocking.

In this post, we present what a cookie tampering attack is and how Azion's Signed Cookies solution can be used to prevent this attack from running in your applications.

Zero trust is increasingly promoted as a must-have for modern security, but is it really a top priority for security teams adapting to new compliance requirements and data protection laws? In the midst of increased data privacy regulations, a larger and more complex attack surface, and rising attacks, adopting a new security framework may seem like an overwhelming task. But in addition to strengthening security, zero trust can actually ease many of the complications that security teams are facing by providing a scalable approach that is well-suited to complex modern applications and a patchwork of geographically specific data privacy laws.

Any tech industry professional is aware that using passwords is no longer enough to provide adequate levels of security. With that in mind, Azion offers two-factor authentication on its platform.

Over the past years, businesses around the world have rapidly accelerated their digital transformation – but have their approaches to compliance kept pace with the changes? Companies that do not keep compliance top of mind as part of their digital transformation strategy risk financial and reputational damages that can reduce or even outweigh the benefits of modernization. And with a rise in data privacy regulations and more conscientious consumers, the costs of non-compliance are even greater.

The highest possible security for your data and applications and a frictionless user experience are among Azion's top priorities. For that reason, we've further simplified the way you access our Real-Time Manager, using a new Social Login feature.

If you feel like cybersecurity today has become more challenging than ever, you’re right. Alarming trends in DDoS and ransomware, the need to modernize security to accommodate remote work and other trends, an ever-increasing number of hard-to-detect bad bots, and a shortage of skilled security personnel have left many teams scrambling to respond to cyber attacks. Fortunately, building a strong cyber threat intelligence program can help teams not only mitigate the fallout from attacks, but plan targeted, proactive strategies to get ahead of attackers and make the most of their team’s capabilities.

Reinforcing our commitment to the security and simplicity of our platform, Azion is pleased to announce the adoption of personal tokens for accessing our APIs and CLI.

Meeting PCI compliance regulations gives your customers the assurance that you take their privacy and security seriously. Unfortunately, the same regulations that ensure your customers’ data security can add latency to your site. At Azion, we believe that security shouldn’t come at the cost of performance. That’s why we’re proud to announce that we are now a PCI DSS 3.2.1 Level 1 compliant service provider, effective across all of our edge platform services--delivering the security your business requires with the performance you’ve come to expect.

With the rise in cyberattacks and passage of new data security laws, finding a secure service provider for your applications and websites has never been more important. That’s why we at Azion have invested in validating our security controls to assure our customers that the applications and websites delivered by our edge platform are kept safe and available. And today, we are pleased to announce that Azion has achieved SOC 2 Type 2 compliance.

As all Azion customers already know, our commitment to the security and simplicity of our platform is among our highest priorities. For this reason, we are pleased to introduce our new Single Sign-On (SSO) feature, which enables federated authentication across Azion products.

Considering the diversity of forms and its wide reach of DDoS attacks (extended, basically, to any company or entity that has an online presence), this post explains how Azion DDoS Protection protects against the main types of attacks to avoid major financial losses and damage to the image of your company.

Let’s Encrypt is a free, open, and automated Certificate Authority (CA) used to issue SSL certificates using the ACME (Automatic Certificate Management Environment) protocol. SSL certificates are a crucial component for the security and success of a website, as they enable secure data transfer using HTTPS. Not only does HTTPS increase a site’s search engine positioning and users’ trust, it enables use of the HTTP/2 protocol, resulting in significant performance improvements over HTTP/1.

It’s a fact that the world can't continue without the Internet and users want the best performance. When a DNS is modern and on an edge computing platform, the benefits are even greater, providing a much better experience for business and end users. That's what Azion's Intelligent DNS delivers for you and your business.

With the costs of a cyberattack skyrocketing, it’s crucial that businesses make security a priority when planning their spending this year. But how much is enough, especially for businesses facing tight budget constraints? Understanding and prioritizing cybersecurity costs is crucial for IT decision makers to not only understand how much to spend, but ensure that their investment in security pays off. This blog post will help guide security spending decisions by reviewing how much companies spend on cybersecurity on average, which factors can drive up spending, and how to control security costs without compromising your security effectiveness.

Since the discovery of CVE-2021-44228 (also known as Log4Shell), Apache has released multiple patches to address vulnerabilities in its popular logging software Log4j. The speed with which this story has developed demonstrates how, even after a patching cycle, zero-day attacks pose a threat to security teams as cybercriminals are constantly searching for new attack vectors and workarounds for protections.

A zero-day exploit has been recently discovered in multiple versions of the Apache Log4j library that allows for unauthenticated remote code execution by logging a certain string. The vulnerability, which was published as CVE-2021-44228 on Friday, December 10, poses a severe risk due to the ubiquity of the popular Java-based logging library, how easy it is to exploit, and the impact of the attack, which gives unauthorized users full server control. To ensure that our customers are protected against this critical vulnerability, we’d like to share what we’ve done to guard against these attacks and what steps Azion users should take to ensure they are protected.

Whether it is data privacy and security issues, environmental concerns, or supporting equal rights, today’s users are more concerned than ever with using brands that share their values and prioritize ethical practices. As a result, having a positive brand image is key to a successful business. However, all the work you put into building a strong brand reputation can be destroyed by cyberattacks that threaten your availability, deface your site with spam, or leak sensitive customer data.

Healthcare today is in the midst of a digital transformation, with remote healthcare, online patient portals, and wearable IoT devices that enable remote patient monitoring transforming the industry. In recent years, many health companies have moved to the cloud to enable more scalability and better availability. But is the cloud capable of delivering all that’s needed for the future of healthcare?

2021 has been a big year for cybersecurity; not only are attacks like ransomware and DDoS on the rise, the cost of cyberattacks to businesses is the highest it’s been since IBM began tracking it in their annual Cost of a Data Breach report. With alarming new attack trends and companies revamping their security to adapt to accelerated digital transformation, cybersecurity is becoming more important than ever.

Security analytics is one aspect of securing your network that is far too often undervalued. With it, you can leverage data analytics tools to render your security system more internally transparent, and by doing so, attain data-driven insights to anticipate and respond fluidly to both standard and novel cyber attacks.

Since its inception, the serverless model has revolutionized computing--but how has it changed security? Serverless computing platforms enable developers to build and run applications that are managed by the serverless provider, with automatic scaling and resources charged on a per-use basis. This means that the underlying infrastructure is not only provisioned and managed, but secured by the serverless provider, so developers don’t need to worry about some of the greatest security risks, such as known vulnerabilities in unpatched servers.

On September 29, 2021, Apache’s security team learned of a zero-day vulnerability (CVE 2021-41773) that attackers were exploiting to compromise Apache HTTP web servers and access sensitive files. They recommend that anyone using Apache servers 2.4.49 or 2.4.50 Linux and Windows-based servers to update to the latest version, 2.4.51, using the instructions found on the official Apache HTTP Server project site.

DDoS attacks are one of the most common threats across today’s landscape. But to stop them from crashing or degrading your web application, you must understand what they are and how they work.

With the undeniable performance benefits of edge computing, many companies are moving to the edge. But will the same security protocols from on-prem and cloud computing transfer after migrating apps and websites?

Your company’s ecomm experience relies on its security infrastructure to safeguard against attacks seeking to crash servers or expose sensitive client information, and on Black Friday those attacks are only going to multiply. Taking advantage of the intense traffic strain so many enterprises will face, sophisticated bots and bad actors use common attacks like DDoS to flood your system with junk connection requests until your overloaded servers are no longer able to keep up. In order to prevent that, you need to invest in a state of the art web application firewall to block attacks.

Massive cyberattacks are no longer a surprise. Hundreds of businesses have recently been affected by ransomware and ransom-based DDoS (distributed denial of service) attacks – with a huge impact on industries around the world and, consequently, our daily lives.

You may have heard a lot about Ransomware lately. Ransomware is a type of malware used by hackers to compromise a system, encrypt business critical data, and force owners to pay ransom in order to unlock it.

Larger and more widespread than ever, DDoS attacks continue to make news headlines and wreak havoc on digital businesses across many different industries and geographical locations. This seemingly permanent change to the threat landscape has sent a clear message to business owners and IT decision makers: no one is safe from DDoS attacks.

With security increasingly becoming more important, as well as regulatory requirements around privacy and data collection, it's more important than ever to build insights around your data.

Having a site or application outage on Black Friday is every e-commerce owner’s worst nightmare. E-commerce is notorious for it’s razor-thin profit margins, making these major holiday shopping days not only important, but critical to the success of retailers’ apps and websites. On average, online stores generate 300% more during the holiday weekend than other weekends in November, and according to Adobe Analytics, spend in 2021 reached 12 million per minute during the day’s peak hour. And while these gains are a boon to most retailers, those that aren’t prepared for the extra traffic stand will suffer a huge loss in profits.

It’s common to see websites, whether for small online stores, news outlets or government portals, going down due to excess traffic. This may happen because of sudden unexpected success – in the case of ticket sales or new video game launches – but, more often than not, overwhelming website visits are caused by criminal DDoS attacks.

Our main goal is to ensure efficient bot management closest to end users, leveraging the security, performance and resiliency of the Azion platform, combined with a state-of-the-art bot mitigation solution in Radware, fully equipped to detect and block the most aggressive and sophisticated automated attacks.

Did you know that only 48% of current internet traffic is human? That's right, more than half of internet traffic is currently generated by robots, divided between good and bad bots.

Low latency and security are both crucial for finance apps. Unfortunately, some of the measures designed to secure applications can negatively impact performance, resulting in a tradeoff that financial companies can’t afford to make. That’s why Azion’s Edge Platform is not only designed to maximize performance, but deliver robust protection for applications deployed at the edge.

As e-commerce becomes an increasingly popular way for consumers to shop, businesses must find new and innovative ways to improve their sites in order to remain competitive. By providing speed, increased availability, real-time analytics, and security in the last mile, edge computing can give retailers a competitive advantage. This blog post will examine the benefits of edge computing and how it can be used to deliver three key needs for e-commerce businesses: high performance, custom experiences, and building trust with customers.

Customer data moves back and forth all the time, and although the forms of virtual interaction have diversified, security when protecting this data has not always been enough. Since companies are increasingly building cloud-based applications with SaaS, security must also evolve to keep pace with this modernization.

Over twenty years since the term “Internet of Things,” or IoT, was coined, the IoT is now a mature ecosystem poised to take a big leap forward as a result of 5G and edge computing. IoT applications are expanding into mission-critical, ultra-low latency, and high-density use cases across industries. According to forecasts by IDC, the number of connected IoT devices will grow to 55.7 billion by 2025.

Web Application Firewalls, or WAFs, are a key component of modern web security. According to Verizon’s 2020 Data Breach Incident Report, over 80% of attacks last year targeted web applications--an unsurprising statistic given the ever-increasing size of modern applications’ attack surface. However, not all WAFs are created equal. As both cyber attacks and web applications become more and more complex, WAFs must use increasingly sophisticated techniques to secure applications--and to ensure that protection does not come at the expense of performance.

Even as the pandemic wanes, ongoing changes to Internet use like 5G rollout, accelerated cloud migration, and the increased use of IoT devices are certain to impact cybersecurity and DDoS attack trends this year.

Our commitment to building a safer, more stable internet is a core value here at Azion. As our global dependence on a secure internet continues to increase, it becomes ever more critical that we safeguard against the many vulnerabilities that web infrastructure is riddled with.

The Zero Trust model was introduced in 2010 by Forrester Research. The approach can be summed up in a few words: trust no one, not even employees. Over the next decade, new cloud applications were born and cloud adoption accelerated. Salesforce, ServiceNow, Shopify, Workday, Atlassian, Square, DocuSign, Slack, Box and other must-have apps became a part of the corporate digital toolset.

We are pleased to announce that, as requested by many of our clients, we have improved the process for delivering Azion Origin Shield. The new functionality means that you can now automate the rule settings in your firewall to give access to your origin to specific IP addresses from our network only and block all other access.