SecurityBrief Australia - Technology news for CISOs & cybersecurity decision-makers
Story image
Radware launches 'best-of-suite' offering for better cloud protection
Mon, 27th Feb 2023
FYI, this story is more than a year old

Radware has announced it has advanced its cloud application protection services to create a best-of-suite offering.

According to the company, for complete visibility and control, the suite combines the company’s best-of-breed application protection solutions in one seamless platform, all manageable through a single pane of glass.

This includes Radware’s cloud DDoS protection service, cloud web application firewall (WAF) service, API protection, bot manager, and just-released client-side protection.

Radware’s best-of-suite solution is CDN agnostic and available with fully managed services. For maximum security, the platform uses advanced automation to protect web and mobile applications and their APIs across on-prem, private and public clouds, and Kubernetes environments.

According to the company, it defends against a full array of application layer attacks, ranging from HTTP DDoS and bot attacks to OWASP Top 10 and zero-day attacks, API abuse, and supply-chain attacks like formjacking.

Gabi Malka, Radware’s Chief Operating Officer, says, “Faced with tighter budgets and a shortage of security expertise, companies can no longer deal with the overhead and noise involved in protecting siloed environments using a collection of products from different vendors. Not only does it drive up total cost of ownership, but it also leads to gaps in protection and security compromise.

“Our best-of-suite approach represents another strategic move in delivering on our commitment to holistic application protection. From browser to server side, the 360- degree solution blankets the application environment against application layer attacks, so organisations can easily scale their security as their applications evolve and business grows.”

Along with its best-of-suite strategy, Radware introduced an advanced new client-side protection solution, which secures the data path between an end user’s browser and third-party services in the application supply chain.

To protect an end user’s personally identifiable information, and credit card and login data from in-browser threats, the solution continually monitors third-party JavaScript services and client-side activity, automatically sending alerts and blocking suspicious requests.

The line of defence not only helps companies adhere to privacy and data security compliance standards, but it also assists in preventing data leakage that can lead to account takeovers as well as mitigating a variety of security threats, Radware states. This includes formjacking, Magecart, card skimming, payment and digital skimming, Java script skimmers, e-skimming, and DOM XSS attacks.

Malka says, “As server-side security advances, more hackers are exploiting vulnerabilities and launching malicious attacks through the less protected and seldom monitored client-side supply chain.

“Without client-side protection, organisations are flying blind. They’re exposing end users to third-party services that are embedded in their applications and over which they lack visibility and control.”

Radware’s approach to client-side protection includes automation, visibility, and granular mitigation. It features the following:

  • End-to-end automation: Auto discovery and mapping of third-party JavaScript services as well as risk assessment and mitigation can be automatically triggered by risk level to reduce overhead and bridge the skills gap.
  • Granular mitigation and surgical enforcement: When blocking a domain, nefarious requests can be isolated to avoid disrupting vital third-party services.
  • Real-time risk assessment: For each new domain or URL added to the supply chain, risk notifications are immediately delivered, so organisations have the visibility needed to make informed decisions about their third-party services.