2/3/2017 5:01:51 PM
Introducing a web security ACL to block based on device fingerprints
Web Security,Web App Security,Web App Security API
App Developer Magazine

Introducing a web security ACL to block based on device fingerprints

Richard Harris Richard Harris in Security Friday, February 3, 2017

Distil Networks, Inc., a bot detection and mitigation company, has announced a web application security Access Control List (ACL) platformA to block based on device fingerprints, providing a more effective way for website defenders to manage and apply whitelists and blacklists across their online applications.

"A key piece of feedback we got from our Bot Defense Council was that they were spending too much time managing ACLs in their firewall or WAF, so we set out to reimagine what a modern ACL could be," said Rami Essaid, CEO of Distil Networks. "Traditionally, ACLs have been centered around IP addresses, but Advanced Persistent Bots simply rotate through IP addresses or hide behind proxy networks. With our Universal ACL, customers can set a policy with a very specific set of information, then apply it to a specific path, domain or API. They can even put someone in a 'penalty box', which can then automatically deprecate after say 48 hours. There's no need to worry about what IPs are associated with, say North Korea. We manage all that for you. This is the easy button for controlling how you whitelist and block different types of traffic hitting your websites and APIs."

While ACL creation and updating has typically been time consuming and hard to manage, Distil's Universal ACL offers a policy-based approach for effective time management, visibility, and control. Customers can create a universal ACL policy, which they can then apply to a specific domain, URL/path, API, or across their entire Distil Networks account.

Unlike traditional ACLs that are limited to IP addresses, the ACL enables whitelisting or blacklisting based on any combination of IPs, countries, organizations, tokens, hi-def fingerprints, user agents, and referrers. Distil also shields users from the tedious task of managing IP drift. For example, instead of uploading and maintaining a list of IPs that correspond to unwanted traffic from a nefarious organization, hosting provider, or country, the ACL provider updates the corresponding IPs automatically behind the scenes.

475 Tax Deductions for Businesses and Self-Employed Individuals

Are you paying more taxes than you have to as a developer or freelancer? The IRS is certainly not going to tell you about a deduction you failed to take, and your accountant is not likely to take the time to ask you about every deduction you’re entitled to. As former IRS Commissioner Mark Everson admitted, “If you don’t claim it, you don’t get it.

A hands-on guide to mastering mobile forensics for iOS and Android

Get hands-on experience in performing simple to complex mobile forensics techniques Retrieve and analyze data stored not only on mobile devices but also through the cloud and other connected mediums A practical guide to leveraging the power of mobile forensics on popular mobile platforms with lots of tips, tricks, and caveats.

Gps tracker for kids

The Chirp GPS app is a top-ranked location sharing app available for Apple and Android that is super easy to use, and most of all, it's reliable.

The Latest Nerd Ranch Guide (3rd Edition) to Android Programming

Write and run code every step of the way, using Android Studio to create apps that integrate with other apps, download and display pictures from the web, play sounds, and more. Each chapter and app has been designed and tested to provide the knowledge and experience you need to get started in Android development.