Data protection laws around the world are changing the way businesses handle customer data. The healthcare industry, in particular, is under scrutiny due to the rise of high-profile cyberattacks aimed at some of the biggest healthcare providers.  Health organizations around the world are faced with numerous challenges so far as privacy laws and industry regulations are concerned.  Challenges for the healthcare industry regarding customer data Whether it’s lax access control, outdated software systems, or overall
Web Attacks & Trends   , ,
WAFs are among the most common security controls used by organizations in both the public and private sectors to protect their web applications against common web exploits. Driven by the extensive growth in attack volume against web applications, the global WAF market size is expected to reach $6.89 billion by 2024. What else is driving this growth across industries? Driver of WAF adoption In a research study by Computing, 62% of  IT decision makers surveyed
Web Security Tips   , , ,

October 14, 2019

3 Ways to Secure WAF APIs

In a recent cloud WAF hacking, many customers were alarmed when private API keys, salted passwords, and SSL certificates were revealed to have been compromised. It’s clear from this specific hacking incident that the appropriate steps were not taken to protect customers’ data. One proper security measure that was overlooked was API security. API security is concerned with the transfer of data connected to the internet, which means broken, exposed, or hacked APIs can lead
Web Attacks & Trends   , ,
In an age where hosting infrastructure in a cloud environment becomes more and more attractive – whether for maintenance, price, availability, or scalability – several service providers offer different PCI-DSS (Payment Card Industry – Data Security Standard) compliant solutions for their customers’ need to deal with payment cards. Many companies believe that when choosing a business partner already certified in PCI-DSS, no further action is required since this environment has already been evaluated. However, while
Guest Contributor   , ,
Threat detection is at the core of a WAF’s capabilities to accurately identify and block incoming attacks. However, not all threat engines are built the same. Many WAF vendors use ModSecurity’s engine, an open-source web application firewall, for their core ruleset.  This core rule set contains a set of generic attack detection rules that provide protection against many common attack categories, including SQL Injection (SQLi), Cross Site Scripting (XSS), Local File Inclusion (LFI), Remote File
Web Attacks & Trends   , , ,
Website owners rely on web hosting providers to get their websites up and running online.  But here’s the thing that may stumble some website owners: Hosting providers are only responsible for protecting the server in which websites are hosted, but customers will need to protect their own websites within the server.  Bottom line: Web hosting providers are not responsible for the security of websites themselves. What some web hosting providers may not realize is that
Cloudbric Tips & Tricks   , ,
In the age of information, data is everything. Since the implementation of GDPR in the EU, businesses around the world have grown more “data conscious;” in turn, people, too, know that their data is valuable. It’s also common knowledge at this point that data breaches are costly. For example, Equifax, the company behind the largest-ever data breach, is expected to pay at least $650 million in settlement fees. And that’s just the anticipated legal costs
Web Security Tips   , , ,
As one of the most popular hosting platforms alongside cPanel, Plesk provides a variety of security extensions for its users. Each Plesk security extension boosts their own unique features, meant to fully protect your website, server, email, and network from potential threats. Some extensions on Plesk require advanced system administration, so it’s important that you choose the right security tools based on your knowledge and experience — as not all security extensions are created equal. 
Web Security Tips   , ,
Cloudbric is proud to announce the release of their much-awaited security extension (inclusive of WAF and DDoS protection) for Plesk, an industry-leading web solution platform. Plesk is an all-in-one platform that allows developers, system administrators, and resellers to run, manage and secure their domains and servers via their control panel solutions and extensions. Through this partnership with Plesk, we aim to simplify security for both users and small to mid-size businesses. With the Cloudbric WAF extension, it’s easier for
Announcements   , ,
cloudbric growth new cso
We’re excited to announce that Yujin (Gin) Hyeon has joined Cloudbric as Chief Strategic Officer (CSO). As Cloudbric’s new CSO, Gin will be driving corporate strategy and investor relations to take the next big step forward. As a veteran of the tech industry, Gin’s experience with early stage companies from growth stage to IPOs will be pivotal for Cloudbric’s continued development. Given his track record, we are very excited to have him join our roster.
Announcements   , ,