Season 2: Episode 1 - Methods, Easy Targets, and Breach Data

Sara begins by unpacking what’s changed in this year’s research, covering changes in personnel, data sources, and research scope. The team then turns to the first significant finding of the new research series: the discovery of widespread, unsophisticated reconnaissance campaigns targeting PHP. While systems running PHP were a major target last year as well, the proportion of opportunistic traffic looking for old, unprotected PHP vulnerabilities was even higher this year. After that they dive into one of their major data sources, the breach notifications published by individual U.S. states. One of the findings from the breach disclosures was a strong relationship between victims’ industries and the attack methods. Ray, Sara, and Sander look at why that is, and what it means for defenders.

Om Podcasten

In this companion podcast, the 2019 F5 Labs Application Protection Report researchers examine how both apps and threats are changing, and what security practitioners can do to stay ahead of these changes.