Understanding Bot Management: From Basic Protection to Advanced Threat Mitigation
A comprehensive guide to bot management, differentiating between basic, intermediate, and advanced protection strategies against evolving bot threats.
Credential Stuffing - A Case For Disclosure?
An in-depth look at the growing threat of credential stuffing attacks on Australian businesses, including recent case studies, defense challenges, and practical recommendations.
The Australian epidemic of Account Takeover attacks
An in-depth look at the growing threat of credential stuffing attacks on Australian businesses, including recent case studies, defense challenges, and practical recommendations.
The Challenge of Proxy Detection: Limitations of Current Solutions
Examine why current security solutions fail to detect and mitigate threats from residential proxies, and the need for comprehensive protection strategies.
Residential Proxy Detection: Quantifying the Hidden Threat
Explore the complexities of residential proxy detection and its impact on organisational risk, with a focus on quantifying the threat and reframing security approaches.
Account Protection and User Experience in Web Applications
Explore strategies to enhance web application security without compromising user experience, focusing on contextual security and adaptive authentication measures.
The Cost of Credential Stuffing: How Account Takeovers Damage Business Reputation
Explore how credential stuffing attacks and account takeovers affect business reputation and customer trust.
2024 Survey Insights
Our 2024 survey reveals Australian businesses are increasingly recognising and addressing account protection challenges, with a focus on combating credential stuffing attacks and the emerging threat of residential proxies.
Why Multi-Factor Authentication Alone Can't Stop Account Takeovers
As cybercriminals employ AI and residential proxies to bypass multi-factor authentication, businesses must adopt a multi-layered security approach to protect against account takeovers.
Peakhour: Addressing Key Cloud Security Categories in the Post-Wiz Era
An analysis of Peakhour's role in addressing key cloud security categories identified in recent industry analysis, demonstrating its comprehensive approach to modern cloud security challenges.
Breached Credentials and Risk Profiling
Learn how breached credential databases and risk profiling provide advanced protection against credential stuffing attacks and enable contextual security measures.
RFC 9460: Enhancing Web Experience
Introducing SVCB and HTTPS records in DNS and their impact on web connectivity.
Dive into the CVSS Scores for CVE-2023-22515 and CVE-2023-22518
Understand CVSS by examining the Atlassian CVE-2023-22515 and CVE-2023-22518.
A Risk Based Approach To Vulnerability Scoring
An in-depth exploration of EPSS, its data-driven approach to assessing cybersecurity threats, and how it complements CVSS.
A Tale Of Two Scoring Systems - The Atlassian Confluence Vulnerabilities
Reviewing the CVSS an EPSS CVE scoring systems in light of the Atlassian Confluence-Aggedon
Navigating CDN Consolidation: Why Local Solutions Matter
Explore the complexities of switching CDN providers amid industry consolidation and how Peakhour can assist in the transition
Google Chrome's "IP Protection" vs Apple Private Relay
An exploration of Google Chrome's new "IP Protection" feature and a comparison with Apple's iCloud Private Relay.
An Overview of JA4+ Network Fingerprinting and Its Implications
An in-depth exploration of the JA4+ network fingerprinting method, its applications, and its role in cybersecurity.
Google Chrome's "IP Protection" and Online Privacy
An exploration of Google Chrome's new "IP Protection" feature, its promise of enhanced privacy.
ModSecurity’s End-of-Life: Implications for Peakhour and Customers
A deep dive into the end-of-life of ModSecurity, its impact on Peakhour, and what it means for the future of
HTTP/2 Rapid Reset Attack Deepdive
The technicalities of the HTTP/2 Rapid Reset vulnerability and steps to fortify against DDoS threats.
Understanding the HTTP/2 Rapid Reset Attack: What It Means and How to Stay Protected
A comprehensive breakdown of the HTTP/2 Rapid Reset flaw and guidance on bolstering defences against potential DDoS attacks.
The Rise of OpenBullet: Automation Tool or Cybersecurity Threat?
A comprehensive look at OpenBullet, its capabilities, and the implications for cybersecurity in the face of its misuse.
A Secure Internet: Chrome's Push Towards HTTPS-First Mode
Google Chrome is advancing towards making the web secure by default through HTTPS-First Mode.
The Emerging Trends: Single Page Applications, Headless Commerce, and Security Threats
An exploration of the evolution in headless commerce and the corresponding security challenges.
Handling the Microsoft 365 outage - a lesson for future DDoS attacks.
Peakhour's take on the recent Microsoft 365 outages instigated by threat actor Storm-1359.
Maximising Website Speed: An Essential Strategy
How can maximising website speed boost your company's revenue, especially during an impending economic recession?
Down But Not Out - JXL Will Return on Safari
What Apple's announcement of JPEG-XL support means for the web ecosystem.
The Rise of the Dragon
Residential proxy malware, and its implications for traditional cybersecurity measures, emphasising the need for evolving threat detection and mitigation strategies.
"Residential Proxies and MITRE Framework: A Comprehensive Analysis"
"This article delves into residential proxies within the context of the MITRE ATT&CK framework, highlighting the security implications and ethical considerations."
Residential Proxies, Friend or Foe?
This article explores the world of residential proxies, revealing the challenges and ethical questions they pose in our GeoIP-dependent digital landscape.
The Death of JPEG-XL
We bid farewell to JPEG-XL after its abrupt deprecation by Google, reinforcing the tech giant's domineering influence over the web and sparking a call for resilient alternatives.
Chrome's TLS Extension Randomisation Experiment: Assessing its Impact on TLS Fingerprinting
Does TLS extension randomisation assist in hiding Chrome?
TLS Fingerprinting: A Primer
What is fingerprinting, and in particular TLS fingerprinting?
Automatic Image Optimisation
Image optimisation saves you bandwidth and designer effort while reduces page load time.
IP Threat Intelligence
Discover and block threats through data enrichment using managed IP reputation lists
Origin shield
Origin shield is a CDN must have feature that increases your Cache Hit Rate by consolidating requests from POPs.
CVE-2022-26134 Atlassian Confluence vulnerability.
Peakhour clients are protected against CVF-2022-26134 Atlassian Confluence RCE
CDN Cache Keys - flexible caching
Cache keys allows the segmenting of the Peakhour.IO cache by elements of both the request and response, enabling effective and flexible caching of content.
Rate limiting
Rate limiting is a powerful way to control client behaviour and protect your origin. Flexible definition of limits and criteria allow precise targeting of client behaviours to limit.
Rate limiting - How it works
How can rate limiting protect your web application and the key items to consider when enabling.
Request collapsing
Request collapsing - saving your origin by reducing concurrent requests and re-using responses for resources.
Cdn-Cache-Control A new way to control caching
CDN-Cache-Control is a proposed new header to augment the venerable Cache-Control. Its aim is to make controlling caching easier as CDNs become ubiquitous.
Cache-Status A new header for diagnosing CDN caching behaviour
Cache-Status is a proposed standard header to provide visibility into how caching providers interact and handle a request.