Three Strikes & You're in! - Security Boulevard

Three Strikes & You’re in!

three-strikes-image

Enter three random passwords into this competitor’s CASB and you’re in! 

 

Our team was explaining our fundamental access control patents (US patents 10,757,090 and 10,855,671) to a Fortune 100 customer who had a competitor’s CASB deployed.  In attempting to demonstrate the power of our access control technology in blocking Denial of Service attacks, our team accidentally discovered that if you entered 3 bad passwords, the competitor’s CASB would let an unauthenticated user into their reverse proxy!  

Boom, any hacker could mount a denial of service attack on the F100 organization. Or mount attacks on other organizations masquerading as a user at the F100 organization.  Or, transmit illegal content pretending to be a user at the F100 organization.  In the first attack, the F100 organization would suffer substantial disruption to their business.  In the second and third attacks, the F100 organization would face significant liability.   

If you want real security, register for a free Trial of Bitglass today.

 


*** This is a Security Bloggers Network syndicated blog from Bitglass Blog authored by Nat Kausik. Read the original post at: https://www.bitglass.com/blog/three-strikes-youre-in