Bringing new ideas to life
According to Verizon Data Breach Investigations Report, 60% of all successful attacks were aimed at SMEs because—as a group—SMEs lack the expertise, resources, or processes required to monitor and manage security products in IT environments.
Are you following Paul Graham advices and are always looking forward to use the latest available technologies such as Docker, Machine Learning and Cloud Providers? We got what you're saying. While it's true that using latest technologies and frameworks tend to increase the security, they can't fill the entire gap when it comes to applications.
You may use an Infrastructure as a Service (IaaS) such as Amazon Web Services (AWS) or Google Cloud, or even a Platform as a Service (PaaS), such as Heroku to protect your applications and servers, but they have a shared security responsibility model. It means that they're responsible only for a part of the big picture. The application layer is still YOUR responsibility.
Why Would Cyber Criminals Attack My Startup?
- Latest frameworks can't prevent business logic flaws: even if you're running the latest version of Rails, there are security vulnerabilities that are created because of the business context of your application. No tool can identify of prevent such flaws;
- Security is not a priority: startups are so obsessed with time-to-market and cost-optimization that leave non-functional requirements such as performance and security on the table;
- No security personnel: it's common to see security job offers in large and global companies, but not on startups. Just check AngelList job board and you won't see security engineering jobs. At least not so far. And Attackers know that. They can see through your applications and servers that they haven't incorporated security since their conceptions;
- Some cyber criminals just want numbers: it's true that some cyber criminals are focused on certain targets and look for either take them down or make money, but there is another group of attackers that want to compromise the maximum amount of applications and servers they could. The purpose, for example, is to build or increase the size of a botnet. Botnet is a network of compromised applications or servers that act as a one and receive and execute commands from a Command and Control (CNC) server controlled by the attacker. They're usually used to perform large escale Distributed Deny of Service (DDoS) attacks and mine bitcoin.
Is it hard to believe? Just analyze your website logs. You'll find many random requests that didn't come from users. Usually looking for /admin or specific files in order to identify if you're running a vulnerable application. Even if your site isn't on Google. It happens because attackers perform requests in the whole IPv4 address space, thus sending requests to ALL internet-facing servers in the world. They don't really care about who you are, they want your applications and servers compromised for nefarious purposes.
How Gauntlet Can Help Your Business
Combining our cloud-based application security platform with our security services, we can: