signature-less-detection-technology

The Benefits of Using Signature-less Detection Technology

signature-less-detection-technology

Cloudbric takes pride in being different from its competitors. With over 19 years of information security experience, Cloudbric Business Edition (BE) utilizes a Web Application Firewall (WAF) based on Penta Security’s unique logic based hardware WAF called WAPPLES. Managing your enterprise’s security has never been easier, not to mention cost saving.

Cloudbric BE is a fully managed autonomous cloud web security suite. What this means is Cloudbric BE enables all enterprise clients, as well as web hosting providers, to successfully install an on-premises WAF solution into their physical or cloud based infrastructure. Futhermore, we eliminated complicated installation procedures, enterprise security settings configurations, and the need to expend resources on specialized security teams. Cloudbric BE’s elite performance derives from its Contents Classification and Evaluation Processing (COCEP) technology. This technology relies on a signature-less detection technology. This is what separates Cloudbric BE from the rest of the market in terms of pure security.

Benefits of Using Cloudbric Business Edition

Most traditional WAF vendors primarily rely on pattern matching or signature-based detection. This means that they are only able to detect and filter previously recorded or known web attacks that have already occurred. However, Cloudbric Business Edition is unique in that we use 26 custom algorithms and rule sets to more accurately block web attacks with low false positives. Our logic based algorithms allow our WAF to capture a wider range of web attacks and possibilities. This helps us detect even unknown or modified web attacks.

The benefits of switching to Cloudbric and taking advantage of this signature-less detection technology are evident:

1. Precise Detection

We detect attacks before they become a problem. As previously mentioned, Cloudbric BE operates on a logic based engine that can block known, unknown attacks, and modified web attacks. Instead of constantly relying on outdated signatures and attack patterns to identify incurred web attacks, we allow our 26 preset rules to intelligently discover more attacks and at a higher accuracy (low false positive).

2. Zero Signature Updates Required

This benefit is clear: no need to perform signature updates! Problems arise with signature-based detection because they cannot predict or detect modified and new attacks. As a result, enterprises have to continuously update new signatures and pay more in the long run. Other WAF vendors charge high prices to purchase their enterprise WAFs, perform installation and settings configuration, and product maintenance with constant system/signature updates. These security vendors leave enterprises with their hands tied since they have to face a choice between leaving their websites exposed to new attacks or pay for the next set of signature updates. With Cloudbric BE there is no need to pay for zero signature updates as they are not required.

3. Cost Saving

As we just mentioned above, not requiring our clients to update signatures can present a major cost savings in the long run. Additionally, we require zero installation or settings configurations in order to activate Cloudbric BE. Hence, enterprises do not need to have a security team to install and constantly maintain our product. Cloudbric BE prides itself in being the ultimate fully managed security suite that can act as your in house web security team. Switch to Cloudbric BE and avoid paying for new updates on top of the enterprise price!

Our special logic analysis engine is what differentiates Cloudbric from other website protection solutions. By opting for a signature-less detection technology and a higher accuracy rate enterprises can save a fortune since it requires zero signature updates, zero hassle, and helps you save money by not expending more unnecessary resources. Compared to our competitors, Cloudbric BE offers affordable and customized pricing to fit the needs of our enterprise customers.

CMS

What Does ‘Website’ Mean to CMS Users?

The definition and concept of website will invariably differ depending on the demographic you’re questioning. Defined literally, a website is a connected group of pages on the internet that use unique addresses and routes on the network, which are based on internet protocols. But who can actually understand this kind of explanation? CMS has become the leading solution to building a website with relative ease, and has become a second home for bloggers worldwide. 

Some of the most widely used CMS tools include WordPress, Joomla, and Drupal. CMS users that depend on these tools must take a closer look at some important issues we will address.

CMS

Chances are you have one of these open right now.

Whereas business owners are going to view websites as a platform for making money, the typical CMS user is thinking more about everyday concepts like social media, news, or the latest baseball game. Whether you’re browsing the news to check out newsfeeds filled with baby pictures and your now happily married friends, chances are your criteria for a good website is going to greatly differ from that of, say, a CEO. Let’s take a look at 3 criteria that the average CMS user might take into consideration when certifying a website as fresh.

1. Content

Well, I think this one is a no-brainer. With the massive amount of available websites providing the latest content, it’s crucial to provide the most engaging and innovative content in order to retain visitors. Let’s face it, people today are extremely lazy and have an attention span of a few seconds. SEO is the name of the game.

Social media has become a huge player today and it’s here to stay due to its ability to provide constant and up to date breaking news from around the world. Sites like Buzzfeed and Upworthy also serve as valuable resources as they compile some eye catching and often times incredible stories to read about.

2. Speed, Ease of Use

Again, back to the short attention span that plagues the current generation. If a website is difficult to navigate or inundated by those irritating popups and ads, chances are users won’t be back. It’s like meeting a potential partner or going in for an interview. The first impression is the name of the game.

If a website takes 5 minutes to load, it’s like being 5 minutes late to an interview. It just shows that you don’t care or you didn’t make the proper preparations. By the way, if you’re still using IE please download Chrome or Firefox now.

3. Active Community

Reddit and Quora are two of the most popular communities around. The beauty of Reddit is that it is built on subreddits. This effectively allows you to navigate straight to the type of content you want to browse. Or you can simply navigate to the front page. Then you can browse the most popular posts regardless of category.

It’s a solid way to keep up with news as well. You can discover things or find an interest in something that you may not even knew existed. This is effective because people don’t want to have to root through irrelevant information (at least to them) in order to access the desired information.

Regardless of Demographic, Everybody Needs Website Security

As a whole, CMS users tend to look at websites in a more laid back manner rather than their strictly business oriented counterparts. However, this doesn’t take away from the fact that website security is of the utmost importance. Many CMS users tend to think that their site is safe since it’s not established or serves as an appealing targets. However, it’s these smaller up and coming sites that are often targeted. This is due to their highly visible vulnerabilities.

Regardless, a web application firewall is a must. Look no further, as Cloudbric is here as your one stop security service to ensure all that painstakingly created content doesn’t fall into the wrong hands. Get started today!

how-to-protect-subdomains

Can I Also Protect My Subdomains With Cloudbric?

Cloudbric received a lot of questions about our web application security service, and in our mission to democratize cyber security, we try our best to make the information readily available. We post a lot of answers in our Help Center, but every week we will give a longer answer about one question. This week, a user asks…

Can I also protect my subdomains with Cloudbric?

Yes, Cloudbric can protect your domain along with any subdomains.

First, let’s talk about what a subdomain is. That’s the part of your website address that comes before your domain name.

A domain name can be broken down into four parts:

  1. subdomain, or third-level domain,
  2. domain, which is also called second-level domain
  3. top-level domain (TLD), which is the *.com, *.net, *.gov, and so on, of your website
  4. if there is a backslash after the top-level domain, everything after that is the subdirectory or subfolder.

These days, the subdomains you’re most likely to see could be blog.*, or mail.*, or m.* for mobile sites, and there are dozens more out there. You may not need Cloudbric protection for a mail or ftp subdomain, but others certainly require security.The most common subdomain is simply the “www.*” that starts off most website addresses. It’s so ubiquitous that we rarely think about what it means. You probably know it stands for “World Wide Web,” but why even bother to say that at all? It dates back to the 1990s, when the World Wide Web wasn’t the main Internet protocol — we also had freenet, ftp, pop, and so on. Nowadays these are much less commonly used. However, they are all valid examples of common subdomains.

Even though your subdomains may be hosted in the same location as your domain, they aren’t considered the same website in many ways. It may affect how search engines like Google index your website. It also means that adding Cloudbric protection to your domain might not cover your subdomain as well.

When you register with Cloudbric, it automatically protects your naked domain,which is your website address without a subdomain. We also protect the www.* subdomain, but not any others. To include your subdomain, you can add it manually here.  After adding it manually, you will be provided with a new set of name servers or A-record/CNAMEs for your subdomain.

How many subdomains?

 

You can add as many subdomains to Cloudbric as you want. The total traffic received by all subdomains will go toward domain bandwidth when calculating your payment amount. So if you have two subdomains receiving 1GB of traffic each, and your domain receives less than 2GB per month, your Cloudbric service is free!

Cloud based WAF

Using a Cloud-Based WAF as a Service for Better Web Security

Before the advent of the cloud-based WAF, Web Application Firewalls (WAF) usually came in the form of hardware. These WAF appliances were great for big businesses and enterprises. They provided flexibility, fast accessibility to the device and  did not depend on external connections for functionality. However, they also had a few disadvantages.

Hardware WAFs were very difficult to install and deploy since they are heavy and take up a lot of space. They can be hard to maintain, and lastly they’re on the costly side. Only large enterprises can actually afford hardware WAFs. Meanwhile, small and medium companies were left to fend for themselves.

The Birth of the Cloud-Based WAF

Thankfully, this has changed rapidly over time. Since the birth of the cloud, many innovative WAF vendors have turned these same enterprise level security features into a cloud-based WAF as a service specifically aimed at SMBs. The shift from hardware to cloud based WAF as a service have proven to be beneficial for three reasons.

1. Fully Managed Security

WAF as a service doesn’t require any hardware to operate. All one needs to do is configure their DNS information to start securing a website. This provides great accessibility for small and medium sized businesses. It also reduces any resources needed to setup and customize a traditional enterprise solution.

2. No Technical Knowledge Needed

A cloud-based WAF as a service also handles and manages all of your HTTP and HTTPS traffic. WAF vendors have detection technologies in place that can automatically detect and filter malicious attacks. This means you can focus on what’s most important for your business—gaining customers. The need for specialized security staff or technical experts is unnecessary when using a WAF as a service.

3. Easy to Understand Analytics

We make providing web security to SMBs our top priority. That being said, many WAF as a service vendors want to cater to the SMB market by providing easy to understand web traffic analytics. There is absolutely zero need to have a specialist scrub your web traffic data to look for any inconsistencies and how many attacks were actually blocked. These days, almost all security vendors provide great metrics and analytics that can help any business owner see the impact of their WAF.

most cloud-based waf solutions will give analytics

Cloud-based WAF as a service solution has made it possible for more people to secure their websites with zero hassle and at a much lower cost. Implement a WAF today so you can focus on growing your business while we take care of the rest.