Kasada recently appointed Neil Cohen as its Chief Marketing Officer. In this blog post, he shares his reasons why he joined the company.
I’m thrilled to have recently joined Kasada to lead marketing. When I first heard what the team had built, I knew it was something I wanted to be a part of. Kasada is tackling the online traffic integrity problem – protecting against malicious automated attacks that plague web and mobile businesses, and eliminating unwanted traffic such as price scrapers, inventory grabbers, application DDoS, and account takeover attacks. On average, more than a third of all Internet traffic is not initiated by real users. Across many industries, the majority of login attempts are fake.
Here’s how many malicious automated attacks are conducted:
Maintaining an organization’s online traffic integrity is not a new problem. There have been solutions attempting to stop such attacks for some time. Yet protection against automated attacks continue to be an enormous challenge for two important and very different reasons –
- Financial – economics are heavily skewed in favor of the attacker, with huge return potential
- Technical – attackers continue to increase their sophistication to circumvent defenses
Financial – Huge Return Potential
Follow the money – that’s what attackers do. Cybersecurity Ventures predicted that cybercrime will cost the world $6 trillion annually by 2021 and will be more profitable than the global trade of all major illegal drugs combined.
As an example, consider an account takeover attack on an eCommerce site. Suppose an attacker phishes and purchases a million stolen credit cards for a total cost of $100 in an attempt to fraudulently purchase gift cards. Through an automated attack, the online retailer bears a huge cost – credit card authorization charges, fraudulent gift card purchases, human time, brand damage, and the massive infrastructure resources required to sustain such an attack. Even if only a tiny percentage of credit cards are indeed valid, the attack can be enormously profitable with minimal cost.
Technical – Increasing Sophistication
When there’s money to be made, fraudsters will figure out how to circumvent defenses, which is what’s happening with existing solutions. Online businesses have been forced to add new layers of defenses to stop increasingly sophisticated attacks, adding cost and complexity to security operations.
Most defense techniques rely on using historical data to make decisions about the future. Examples include blocking IP addresses based on history, leveraging rate controls, applying rules based on signatures, and network characterization. Even machine learning searching for anomaly patterns is based on the past in order to apply that learning to the present. To increase efficacy, businesses have been forced to combine a variety of such techniques while adding greater complexity within their operations. All the while, attackers are continuing to find ways through such defenses.
Turning the Paradigm on its Head – Simplicity AND Efficacy
Kasada helps businesses protect their online traffic integrity in a way that is elegantly simple and superiorly effective. Learning from its predecessors, it overcomes both the financial and technical issues that have made automated attacks so difficult to defend against.
First, it makes automated attacks financially unviable and painfully slow by hitting the attackers where it hurts – their wallets. A cryptographic proof-of-work challenge able to increase in difficulty is designed to exhaust the compute resources of automated attacks, without informing the attacker.
Second, it doesn’t rely primarily on data from the past to apply to the present. A unique sensor detection and inspection process allows for immediate detection with the ability to stop attacks from the first request with an extremely low false positive rate of less than 0.001%. This approach, coupled with world-class obfuscation, provides long-term efficacy.
Simplicity is a Game Changer
It is the simplicity of Kasada that allows it to be a holistic solution for online traffic integrity. Offering time-to-value in less than 30 minutes, it allows for seamless protection across all web properties, mobile apps and APIs – while bringing Internet control and customer visibility back to the business.
Request a Kasada demo and see it for yourself.