Tempesta FW is an open source hybrid of an HTTPS accelerator and a firewall aiming to accelerate web resources and protect them against DDoS and web attacks. The project is built into the Linux TCP/IP stack to provide performance comparable with the kernel bypass approaches (e.g. using DPDK), but still be well-integrated with the native Linux networking tools. We’ll talk about Tempesta FW integration with IPtables/nftables to filter network traffic on all the layers and other tools to protect agains layer 7 DDoS and web attacks. Visit https://www.securityweekly.com/psw for all the latest episodes!
https://github.com/tempesta-tech/tempesta – the project source code.
https://netdevconf.info/2.1/session.html?krizhanovsky – Netdev conference paper and the talk video about motivation for the project and its description
https://netdevconf.info/0×14/session.html?talk-performance-study-of-kernel-TLS-handshakes – the latest our Netdev paper (the video will be uploaded later) about our research in the performance of TLS handshakes, including analyzing of performance and security of other TLS implementations, such as mbed TLS, OpenSSL, WolfSSL (during the work we reported an SCA vulnerability for WolfSSL).
It’s official! Security Weekly, in partnership with CyberRisk Alliance, is excited to present Security Weekly Unlocked on December 10, 2020. The inaugural edition of Security Weekly Unlocked also celebrates Security Weekly’s 15th Anniversary. Registration and call for speakers is now open. Visit securityweekly.com/unlocked to submit your speaking session and register for free!
Assembling an infosec home lab is great way to learn more about the ever-changing programs and systems in the cyber world. However, it can get complicated to figure out what you really need to get your own home lab assembled and running. In this segment Tony will go over the the things you need to think about and the resources he uses to build an infosec home lab. Visit https://www.securityweekly.com/psw for all the latest episodes!
In our October 22nd technical training, we will provide a first look at a new, free resource that delivers thousands of remedies as a service to bridge the gap between vulnerabilities found, and vulnerabilities fixed! On October 28th, learn how to build an integrated security platform in our webcast at 3pm ET! Visit https://securityweekly.com/webcasts to see what we have coming up! Or visit securityweekly.com/ondemand to view our previously recorded webcasts!
US Air Force slaps Googly container tech on yet another war machine to ‘run advanced ML algorithms’, Rare Firmware Rootkit Discovered Targeting Diplomats, NGOs, Hackers exploit Windows Error Reporting service in new fileless attack, HP Device Manager vulnerabilities may allow full system takeover, Malware exploiting XML–RPC vulnerability in WordPress, and it’s the 10 year anniversary of Stuxnet: Is Your Operational Technology Safe? Visit https://www.securityweekly.com/psw for all the latest episodes!
Would you like to have all of your favorite Security Weekly content at your fingertips? Do you want to hear from Sam & Andrea when we have upcoming webcasts & technical trainings? Have a question for one of our illustrious hosts, someone from the Security Weekly team, or wish you could “hang” out with the Security Weekly crew & community? Subscribe on your favorite podcast catcher, sign up for our mailing list, and join our Discord Server to stay in the loop on all things Security Weekly! Visit: https://securityweekly.com/subscribe
Do you have a specific guest or topic that you want us to cover on one of the shows? Submit your suggestions for guests by visiting https://securityweekly.com/guests and completing the form! We review suggestions monthly and will reach out to you once reviewed!