Threats

All Content Application Protection Bots and Automated Attacks

Threat Reports

In-depth research, analysis, and actionable insights

2023 Identity Threat Report: The Unpatchables

Top Risks

2023 Identity Threat Report: The Unpatchables

We are excited to announce a new report covering threats to digital identities. This report goes into detail on credential stuffing, phishing, and multifactor authentication bypass techniques.

11/01/2023 report 80 min. read

The Evolving CVE Landscape

Top Risks

The Evolving CVE Landscape

Plus, the 7 Weirdest CVEs (You won’t believe number 6!)

02/28/2023 report 40 min. read

2023 DDoS Attack Trends

Attack Campaign

2023 DDoS Attack Trends

We analyzed the last three years of DDoS data, and found attackers shifting to more complex approaches, and shifting up the stack.

02/21/2023 report 15 min. read

App Infrastructure Attacks DDoS Attacks Client-side Attacks Web Application Attacks

App Infrastructure Attacks

Dictionary attacks Eavesdropping Protocol abuse Key disclosure DNS hijacking DNS spoofing PDoS Man-in-the-middle Certificate Spoofing Password Spraying Credential Stuffing

App layers compromised:

DDoS Attacks

DNS amplification SSL-TLS renegotiation SYN, UDP, and HTTP floods Heavy URL HTTP flood DNS flood SYN flood Protocol Abuse UDP flood DNS reflection

App layers compromised:

Client-side Attacks

Client-platform malware Cross-site scripting Cross-site request forgery Man-in-the-browser Phishing Session hijacking Man in the middle Injection Credential Theft

App layers compromised:

Web Application Attacks

Credential theft Credential stuffing Brute force attack Cross-site scripting Man-in-the-middle API Attacks Protocol abuse Injection Cross-site request forgery Phishing Abuse of functionality Malware Remote Code Execution

App layers compromised: