More Posts
Navigating Cybersecurity Metrics For Web Applications
Maintaining a resilient security posture is an ongoing effort for every organization. As reports of data breaches, fraud, and cyberattacks…
- by Sam O'Brien
The Future of Zero Trust: Continuous Authentication
Ask any CISO about a trend that they think will help push security postures forward and you’ll inevitably hear the…
- by Rich Smith
The Overlooked Evaluation Factor: Customer Experience
Evaluating SaaS-based services for purchase is rarely a straightforward path: you'll enter the research and product testing process with your…
Evaluating WAF solutions?
Know the Key Considerations for Replacing Legacy WAF
We hear often from customers who replace a legacy web application firewall (WAF) with Signal Sciences next-gen WAF about why…
Integrating the Ambassador Edge Stack with the Signal Sciences Web Application Firewall
With a new integration between the Ambassador Edge Stack, the most popular Kubernetes-native API gateway and Signal Sciences WAF, platform teams can now further…
- by Jen Dyment
Continuous Contextual Authentication: Cybersecurity and Identity Converge
in a Hybrid-cloud World
Authentication and authorization are broken. As an industry we’ve known this for a long time and the notion routinely emerges…
Sick of high WAF costs?
So are we.
A rapidly growing theme for essentially every CISO I’ve been speaking with these days is: how do we get more…
Signal Sciences Introduces Advanced Rate Limiting for Fast, Easy Protection Against Advanced Web Attacks
Signal Sciences is excited to announce the availability of new advanced rate limiting features that extend our customers' ability to…
My Top Five Cyber Security Books
Over the last two years, I’ve read 25+ cyber security books to invest in understanding as many parts of our…
How do developers build a security program? Start with these three questions.
Today’s developers are no longer seen as single subject-matter experts. The need for secure, production-ready software, combined with a more…
- by Liz Hurder
Web Application Security Without Organizational Resistance
As software-defined networks have replaced the monolithic, server-to-server communication paths of networks’ past, web application firewalls (WAFs) have become staples…
Signal Sciences Named a Gartner Peer Insights Customers’ Choice for Web Application Firewalls Two Times in a Row
“Our team switched to Signal Sciences from a legacy WAF roughly a year ago and we couldn't be happier with…
- by Zane Lackey
Cloud Native Application Security: Protection At and Within the Perimeter
What makes an application “cloud native” and what’s so different about protecting these kinds of apps? Ultimately, the answer lies…
- by Alfred Chung
How Next-Gen WAF Empowers the DevOps Lifecycle
Signal Sciences next-gen WAF can send and receive data to and from a wide range of security and DevOps tools…
Embracing the Human Element of Security
RSA Conference 2020’s theme “Human Element” is an apt one for Signal Sciences: from our inception, we have focused on…
Preventing Server Side Request Forgery (SSRF)
Reflecting on the use of SSRF in the Capital One Breach One of the most notable breaches of 2019 was…
- by Alfred Chung
Application Layer Protection for Istio Service Mesh
Today, Signal Sciences announced another industry-first: the launch of our next-gen WAF integration with Istio service mesh. As development teams…
- by Alfred Chung
The Impact and Tactics of Retail E-commerce Web Attacks
The online shopping season is upon us as consumers search the web for the best deals on gifts. The revenue…
Protecting WebSocket Protocol Apps and APIs with Signal Sciences
The 4.2 release of the Signal Sciences agent introduces WebSocket traffic inspection, enabling customers to extend the coverage of applications,…
- by Alfred Chung
Better Web Shell Detections with Signal Sciences Next-gen WAF
Note: Special thanks to Alec Randazzo and Expel who originally wrote and published this blog. We're showcasing it as it…
Keeping Digital Information Safe with SOC2 and HIPAA
Signal Sciences is proud to announce that it has achieved Service Organization Control (SOC) 2 Type 2 and Health Insurance…
- by Lindsey Lowe
Security is a Shared Responsibility
One of the core tenets of National Cybersecurity Awareness Month this year is “Secure It.” But what is “it” exactly?…
Web Layer Visibility Defined: Identifying Top Web Attack Indicators
With the flu season coming upon us, we’re lucky that its signs and symptoms—aches, congestion, and fever—are easily recognized within…
- by Liz Hurder
Increasing Security Visibility with Multiple Custom Dashboards
At Signal Sciences, one of our guiding principles it to make security visible. That means empowering our customers to know…
Signal Sciences Launches Pivotal Container Service (PKS) Integration
Container adoption has grown rapidly in recent years: Gartner Research predicts that by 2022 more than 75% of organizations globally…
Three Key Challenges for Securing Cloud-Native Apps: Lessons learned from Cloud Native Security Summit 2019
Signal Sciences, along with Capsule8 and Obsidian Security, recently hosted the 2nd annual Cloud Native Security Summit (CNSS), bringing together…
- by Liz Hurder
Championing Visibility and Reducing Uncertainty with Effective Product Design
HTTP Request Smuggling Detections
I’m excited to announce the ability of Signal Sciences to detect HTTP Request Smuggling attempts! For customers implementing modern, multi-tiered…
- by Brian Joe
Protecting Valuable Personal Health Information (PHI)
There’s no way around it: medical care impacts us all. Even in good health, we cannot predict accidents and emergency…
The 3-Layered Cake: Deploying Signal Sciences in Kubernetes
Examples of common install patterns of Signal Sciences in Kubernetes The Many Flavors of Kubernetes Recently I have found that…
Strengthening Your Defenses Against API Abuse
Application Programming Interfaces (APIs) are an intermediary framework that enable applications to communicate and exchange data with one another. As…
- by Liz Hurder
Keep Doing What You’re Doing!
I got this follow up text from a CISO I had dinner with last night and it’s a fitting message…
Securing Technology Innovators’ Web Layer Assets
Move Fast Without Breaking Things For the last fifteen years, Facebook’s motto “Move Fast and Break Things” has been the…
- by Liz Hurder
Virtual Patching the Signal Sciences Way
Virtual Patches: Security Duct Tape Let’s get serious for a minute. Virtual Patching is Cyber duct tape. Originally coined by…
- by Cody Wood
Real-time Web Layer Threat Investigation and Remediation with Cisco Threat Response
- by Tom Chang
Signal Sciences Launches Next-Gen WAF Support for Envoy
Signal Sciences Launches Cloud WAF for Easy Web Application Security
The Ugly Truth of Retail Fraud and Account Takeovers
Security Opportunities and Demands of Digital Transformation
Effectively Discussing Security Risks with the Board
Modern Software Architectures Require Modern Web Security
Modern Web Security Meets Modern Load Balancing with NGINX
A Visual Guide to Cloud Native Security Challenges
The WAF Appliance Struggle is Real in a Cloud Native World
Protecting Financial Applications at Scale
Visualizing Attack and Signal Trends Across Your Sites
Cloud Native Security Challenges and Opportunities
Expanding Power Rules with Shareable Lists
Seven Ways to Deploy Signal Sciences in Kubernetes
Why Customers Choose Signal Sciences
We ask our customers early and often why they chose us as their next-gen WAF and RASP technology of choice.…
Delivering a better WAF—Faster
At Signal Sciences, we’re in the business of reimagining the WAF and our purpose is to redeem the goal it…
Surfacing Key Indicators of Account Takeovers
The Pros and Cons of RASP in 8 Minutes
Dear RASP: We Need to Talk About the Friction in Our Relationship
Dear RASP, It is finally time for me to write you this letter. When we first met you were something…
Listening to Web Attacks Remixed!
Moar Platform Support: Signal Sciences is Now Available on Kong Hub for Microservices, API, and Serverless Support
Security’s Shift Right
Aggregate Availability Check with Signal Sciences Data
Having the privilege to work with so many great enterprise customers has its benefits. One great benefit is you are…
Auditing Signal Sciences Configuration
Using Signal Sciences to Defend Apache Struts CVE-2018-11776
- by Cody Wood
Introducing go-sigsci: A Go library for the Signal Sciences API
- by Shawn Smith