2021 was a big year for ThreatX. Not to brag, but we more than doubled our employees and customers, and made it on to the Gartner MQ! It also brought a lot of big changes to the world of security (including one nasty not-so-little surprise at year’s end).
What were the big hurdles security teams tackled in 2021?
At the beginning of a new year, we always find it helpful and informative to take a look back at our most-read blog posts. It gives us a pretty clear picture of the priorities, interests, and problems of our security audience, and indicates what’s to come in the new year.
Below are our most-read posts. If you haven’t already read them, we think you should. Don’t miss any in 2022 by subscribing to our ThreatINDEX newsletter to keep up with our content. Subscribers get lots of news, tips, advice, and how-tos from our security experts on the front lines. Thanks for listening; here’s to a safe and secure 2022!
API protection was a very hot topic last year. API use is exploding, and so is their appeal to cyberattackers. Any content we produced on API protection got a lot of attention in 2021 – so this is clearly an area of interest and concern. From our perspective, it seemed like API protection was a problem everyone was trying to wrap their heads around in 2021, and we think 2022 is going to be the year that a lot of security teams make a concerted effort to put an API protection solution in place. Part of that educational phase was understanding exactly what the API attack surface looks like – what do we have, where is it, what don’t we know about – and that’s where rogue, zombie, and shadow APIs come in. Check out this popular blog post explaining why you probably have more API attack surface than you think.
Securing APIs and web apps can feel like a big, sticky problem. And the popularity of this blog post indicates that security teams are looking for both a roadmap, and a clear starting point. What’s the best way to start tackling this problem? Our CPO Tom Hickman does a good job outlining what to do first, then what to chip away at over time.
Credential stuffing attacks are becoming rampant – just last week the New York Attorney General announced the results of an investigation into credential stuffing attacks that found that these attacks have compromised over a million customer accounts. We know this is a big issue – we work with our customers every day to thwart these attacks, and our content on the topic gets a lot of traffic. Yes, it’s a problem because so many people re-use passwords, but these attacks are also bogging down security teams because they end-run legacy, signature-based solutions. As our CTO Bret Settle says in this popular post, “unlike a brute force attack, credential stuffing attacks don’t typically try to iterate through multiple passwords for a given account. They simply try the stolen name/password pair, and if that doesn’t work, they move on to the next. As a result, rules that lock out an account after a certain number of failures will never trigger.”
We saw a flurry of activity, understandably, with our Log4j content. This blog post from our SOC manager with tips on how to start tackling the Log4j issue was our most popular post on the topic. Here’s a list of all our content on the topic; we know many of you are still grappling with it and these may prove helpful.
The key to protecting your APIs and apps? Hint: It’s not a signature-based solution. Cyberattacks against APIs and apps are ramping up, and it’s becoming clear that cyberattackers are outsmarting legacy solutions that rely on signatures. A lot of people are trying to understand why, as evidenced by the popularity of this blog post. As our CPO Tom Hickman says in this post, “Every once in a while, attackers or defenders will make an evolutionary leap forward that goes beyond the incremental back and forth that normally defines the threat landscape. In these cases, security teams can find that their security tools are built for playing checkers while the attackers have moved on to playing chess.”
Don’t Miss a Post
Did you miss any of these? Make sure you subscribe to the ThreatINDEX newsletter – not only will you stay up to date, but we’re also committed to creating and sharing even more practical and useful content in 2022.