Security "Bits"

Three Strikes & You're in!

By Nat Kausik | December 21, 2020 at 7:09 PM


Enter three random passwords and this competitor's CASB lets you in! 


Our team was explaining our fundamental access control patents (US patents 10,757,090 and 10,855,671) to a Fortune 100 customer who had a competitor's CASB deployed. In attempting to demonstrate the power of our access control technology in blocking denial-of-service attacks, our team accidentally discovered that if you entered 3 bad passwords, the competitor's CASB would let an unauthenticated user into their reverse proxy!

Boom, any hacker could mount a denial-of-service attack on the F100 organization. Or mount attacks on other organizations while masquerading as a user at the F100 organization. Or transmit illegal content pretending to be a user at the F100 organization. In the first attack, the F100 organization would suffer substantial disruption to their business. In the second and third attacks, the F100 organization would face significant liability. And there are probably other attacks a hacker could mount.

If you want real security, register for a free trial of Bitglass today.



