See how media companies detect attackers before serious breaches happen.
Today, Cyber attacks targeting web applications always follow the same scheme:
- An attacker performs an initial vulnerability discovery or fingerprinting, usually through a standard security scan. A security scan is unlikely to expose security vulnerabilities. However, they bring an initial overview about topology and exposed services.
- Unauthenticated users have very limited access to applications. For web applications, when the account creation is open, the attacker will create a user account to investigate further. For the others, the attacker will target existing user accounts. He will basically target qualified accounts first: users from the app domain, administrators, power users, etc.
- Gaining authenticated access allows the attacker to benefit from a much wider surface attack, with the ability to query most of the endpoints (application backend services).
- Create a security culture.
This case study shows how a large media company, used Sqreen to detect attackers in their app early and was able to avoid a more serious data breach.