Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

Latest News

2024 Vision: Unveiling the Top Threat Intelligence Predictions That Will Shape the Future

Well, it’s that time of year again. With the new year comes new predictions. Sometimes it seems that these posts can simply be a cut-and-paste job from year to year. I’m going to do my best to avoid that here. Let’s take a look back on some of our past predictions.

Non-repudiation: Your Virtual Shield in Cybersecurity

In the digital world, where countless users communicate, share data, and engage in diverse activities, determining the origin and actions behind these interactions can be quite challenging. This is where non-repudiation steps in. Non-repudiation is created by combining other security factors, such as proof of delivery, identity verification, and a digital signature. This guarantees that the parties involved in the transmission are unable to deny having carried out an action.

Netskope GovCloud Receives FedRAMP High Impact Authorization

At Netskope, we have a long history of supporting customers in the US Federal Government. For example, the US Patent and Trademark Office (USPTO) recently chose Netskope to help with its cloud-first security initiatives, building out their entire SASE architecture. Today, we’re thrilled to announce two major developments to make it easier to acquire and implement Netskope in US federal agencies and the contractors that support them.

Stories from the SOC: Something smells phishy

In the current cyber landscape, adversaries commonly employ phishing as the leading technique to compromise enterprise security. The susceptibility of human behavior makes individuals the weakest link in the security chain. Consequently, there is an urgent need for robust cybersecurity measures. Phishing, which exploits human behavior and vulnerabilities, remains the adversary's top choice. To counter this threat effectively, ongoing education and awareness initiatives are essential.

SAP GRC (Governance, Risk Management and Compliance) Framework and Identity Manager

The SAP GRC (Governance, Risk Management and Compliance) Framework is a collection of enterprise software applications that help organizations control access and prevent fraud across the enterprise. At the same time, they can minimize the time and cost of compliance with internal and external regulations. The SAP GRC framework comprises the SAP Access Control and SAP Cloud Identity Access Governance solutions.

Fuzzing and Bypassing the AWS WAF

The Sysdig Threat Research Team discovered techniques that allowed the AWS WAF to be bypassed using a specialized DOM event. Web Application Firewalls (WAFs) serve as the first line of defense for your web applications, acting as a filter between your application and incoming web traffic to protect against unauthorized or malicious activity. In this blog post, we will analyze one of the most commonly used Web Application Firewalls, the AWS WAF, and explain the techniques that allowed it to be bypassed.

Securing High-Risk Access with Reimagined PAM Controls: A Customer Story

My team and I were on a call with a customer who saw a critical need to secure access to his company’s cloud service provider (CSP) containers. Our conversation comes to mind often, because it reflects the fast-evolving nature of privileged access and what it takes to secure it in today’s complex IT environment. As we spoke, the customer stood out to me as a forward-thinking leader. His job: protect and enable an enterprise that is no stranger to the cloud.

Trustwave Transfers ModSecurity Custodianship to the Open Worldwide Application Security Project (OWASP)

After serving as its steward for over a decade, Trustwave has agreed to transfer the reins of the renowned open-source web application firewall (WAF) engine, ModSecurity, to the Open Worldwide Application Security Project (OWASP). This landmark move promises to inject fresh energy and perspectives into the project, ensuring its continued evolution as a vital line of defense for countless websites worldwide.