Beyond the IP Address
Discover why traditional IP-based rate limiting is obsolete and how advanced techniques provide robust protection against modern distributed attacks.
The Bot Spectrum
Learn to classify bots into good, bad, and grey categories and apply the right management strategy for each.
Protecting Against a Share Point Zero Day Vulnerability with Network Fingerprinting
Analysis of attempts to exploit a recent Share Point zero day vulnerability reveal network fingerprinting and classification is a robust defense.
A Complete Guide to SMS Pumping Fraud
SMS pumping fraud cost businesses $6.7 billion in 2021. Learn how these sophisticated attacks work, which companies face the highest risk, and the most effective protection strategies.
Why We Can't Trust IP Addresses
The proliferation of residential proxy networks has undermined traditional IP-based security, enabling attackers to bypass protection measures while appearing as legitimate users.
How AI Agents Are Writing Custom Exploits
AI agents with reasoning capabilities like DeepSeek are revolutionizing exploit development, marking the end of traditional security approaches based on static rules and patterns.
How MTU Fingerprinting Identifies VPNs and Mobile Users
Learn how MTU fingerprinting reveals VPN usage, mobile connections, and network technologies through TCP handshake analysis. Discover practical SQL techniques for dynamic network intelligence.
Residential Proxies - The Growing Threat to Ad Campaigns
Learn how distributed bot networks using residential IPs are evolving to evade traditional fraud detection
Next-Generation Application Security Defence Strategies
Comprehensive analysis of AI-powered cyber threats and how modern application security platforms defend against machine learning-driven attacks. Learn advanced defence strategies for the AI cybersecurity arms race.
Quantifying The Residential Proxy Threat
Explore the complexities of residential proxy detection and its impact on organisational risk, with a focus on quantifying the threat and reframing security approaches.
Rate Limiting for API Security
How advanced rate limiting protects modern applications and APIs from sophisticated threats including proxy networks, distributed attacks, and automated abuse in enterprise security environments.
HTTP Security Headers
Comprehensive guide to HTTP security headers for protecting web applications from client-side attacks. Learn essential browser security configurations for modern application security platforms and DevSecOps workflows.
RFC 9460
Introducing SVCB and HTTPS records in DNS and their impact on web connectivity.
A Risk Based Approach To Vulnerability Scoring
An in-depth exploration of EPSS, its data-driven approach to assessing cybersecurity threats, and how it complements CVSS.
Navigating CDN Consolidation
Explore the complexities of switching CDN providers amid industry consolidation and how Peakhour can assist in the transition
Google Chrome's "IP Protection" and Online Privacy
An exploration of Google Chrome's new "IP Protection" feature, its promise of enhanced privacy.
ModSecurity’s End-of-Life
ModSecurity's end-of-life marks a pivotal moment in application security evolution. Discover how modern Application Security Platforms are advancing beyond traditional WAF approaches to provide comprehensive protection for web applications and APIs at the edge.
HTTP/2 Rapid Reset Attack Deepdive
The technicalities of the HTTP/2 Rapid Reset vulnerability and steps to fortify against DDoS threats.
Understanding the HTTP/2 Rapid Reset Attack
A comprehensive breakdown of the HTTP/2 Rapid Reset flaw and guidance on bolstering defences against potential DDoS attacks.
ZDNS - scan the entire internet
Details the use of ZDNS, a high-performance DNS toolkit, to create a comprehensive Reverse DNS (rDNS) lookup database by scanning the entire internet, and how randomizing the IP space overcomes UDP timeout issues.
Enterprise DDoS Protection
Analysis of the Microsoft 365 DDoS attack by Storm-1359 reveals critical lessons for enterprise application security platforms. Learn advanced Layer 7 DDoS protection strategies and rate limiting techniques for modern applications.
The Rise of the Dragon
Residential proxy malware, and its implications for traditional cybersecurity measures, emphasising the need for evolving threat detection and mitigation strategies.
Residential Proxies and MITRE Framework
Explore residential proxies within the context of the MITRE ATT&CK framework, highlighting the security implications and ethical considerations.
Residential Proxy Detection
Comprehensive analysis of residential proxy threats and detection strategies for modern application security platforms. Learn how sophisticated threat actors use residential proxies to bypass traditional security measures.
Advanced Anomaly Detection
Deep dive into Robust Random Cut Forest (RRCF) implementation for real-time anomaly detection in Application Security Platforms. Learn how advanced machine learning algorithms enhance threat detection and automated response capabilities.
Double MAD?
This article explores the use of Double Median Absolute Deviation (Double MAD) for anomaly detection in time series data, particularly in skewed or non-symmetric distributions.
Efficiently Generating and Printing All IPv4 Addresses in a Random Order
Explains how to efficiently generate all IPv4 addresses in a random order using a Linear Congruential Generator (LCG), a memory-efficient method for tasks like security testing and network simulation.
Layer 7 DDoS Protection
Comprehensive guide to Layer 7 DDoS protection using strategic caching within application security platforms. Learn how intelligent caching strategies provide robust defence against sophisticated application-layer attacks.
TLS Fingerprinting
What is fingerprinting, and in particular TLS fingerprinting?
IP Threat Intelligence
Comprehensive guide to IP threat intelligence for modern application security platforms. Learn how managed IP reputation lists and threat intelligence feeds protect applications from known malicious sources and emerging threats.
Origin shield
Origin shield is a CDN must have feature that increases your Cache Hit Rate by consolidating requests from POPs.
CVE-2022-26134
Peakhour clients are protected against CVF-2022-26134 Atlassian Confluence RCE
Intelligent Rate Limiting
Comprehensive guide to intelligent rate limiting for modern application security platforms. Learn how sophisticated rate limiting protects APIs and web applications from abuse, DDoS attacks, and automated threats whilst maintaining optimal user experience.
Rate limiting
How can rate limiting protect your web application and the key items to consider when enabling.
Fastly Outage
Fastly, a major CDN provider, had a global outage last night which affected some of the world's largest websites and internet services. Why didn't they have a backup plan?
Why Manage Bots?
Comprehensive guide to enterprise bot management and advanced countermeasures for protecting applications against sophisticated malicious bot threats. Learn proven strategies for bot detection, mitigation, and automated defence systems.
Application Performance Optimisation
Comprehensive guide to application performance optimisation with integrated security testing. Learn how modern Application Security Platforms deliver superior performance whilst maintaining robust threat protection for contemporary applications.
Instant Alerts
Introducing Instant Alerts, a new feature for receiving emails or SMS alerts when events happen on your site.