CLOUD SECURITY SERVICES

PROTECTING YOUR DATA IN A MULTIVECTOR THREAT ENVIRONMENT

SHARE THIS BROCHURE

A MULTIFACETED THREAT ENVIRONMENT
Today’s threat landscape is a complex, multifaceted environment. Gone are the days of point
defenses like stand-alone firewalls, IPs or gateways, which would be connected in linear
sequence and protect the network by filtering inappropriate access requests. Modern attacks
target user data and frequently bypass — or are transparent to — traditional network defenses.

As the threat landscape evolves, attacks are growing in complexity and persistency, and
zero-day attacks exploit newly discovered vulnerabilities. Bots, crawlers and spammers
crowd web assets by using new techniques to disguise nonproductive traffic as legitimate.
As applications migrate to the cloud, the traditional enterprise IT perimeter dissolves,
and organizations face a distributed data center that spans cloud providers and the
organization’s private network.

Lastly, the accelerated change of attack vectors and assets renders static web security
solutions obsolete. Successfully overcoming this challenge requires continuous readiness
by dynamically adapting to evolving threats and web assets.

REAL-WORLD THREATS MEET REAL-WORLD PROTECTION

Radware, a proven leader in enterprise security, offers a full suite of enterprise-grade cloud
security services. Radware’s Cloud Security Services provides adaptive, real-time protection
for the most sophisticated web security threats via best-in-class security services.

CLOUD DDOS PROTECTION SERVICE — PROTECTING AVAILABILITY

Radware’s Cloud DDoS Protection Service defends organizations against today’s most advanced DDoS attacks
using behavioral-based detection for both network- (L3/4) and application-layer (L7) attacks, automatic real-time
signature creation to protect against zero-day attacks, unique SSL DDoS protection and flexible cloud-based and
hybrid deployment options to suit every customer.

Key features of Radware’s Cloud DDoS Protection Service include:

ÐÐ
Behavioral-Based Attack Detection — Radware
uses machine learning algorithms, which analyze
traffic, understand what constitutes legitimate
behavior and automatically block malicious attacks.
ÐÐ
Zero-Day DDoS Protection — With patent-protected,
real-time signature creation technology, Radware
provides the only cloud service that can automatically
generate protection against zero-day and unknown
DDoS attacks.
ÐÐ
Unparalleled Flexibility — Radware’s Cloud DDoS
Protection Service can be delivered as on-demand,
always-on or hybrid configurations and can be
custom-tailored to suit any customer need, network
topology or threat profile.
ÐÐ
Granular Service-Level Agreement (SLA) — Which
may include detailed commitments for time to
mitigate, time to detect, time to alert, time to divert,
consistency of mitigation and service availability.

ÐÐ
Smart SSL Attack Mitigation — Radware’s unique
technology defends against potent SSL DDoS attacks
without adding latency and without compromising
customer privacy.

Radware’s Cloud DDoS Protection Service is backed by a worldwide network of 11 scrubbing centers, with 5Tbps
of mitigation capacity (and growing). Radware’s scrubbing centers are globally connected in full-mesh mode, using
Anycast-based routing. This ensures that DDoS attacks are mitigated closest to their point of origin and provides truly
global DDoS mitigation capable of absorbing even the largest volumetric attacks.
Figure 1: Cloud DDoS Protection Service

CLOUD WAF SERVICE — PROTECTING EXTERNAL-FACING WEB APPLICATIONS

Radware’s Cloud WAF Service provides the industry’s best web application security by using a positive security
model based on machine learning technologies to provide comprehensive protection coverage against the OWASP
Top 10 threats and other vulnerabilities. Radware’s Cloud WAF Service provides dynamic security policies with
automatic false positive correction, built-in DDoS protection, integrated bot mitigation and other features.

Key features of Radware’s Cloud WAF Service include:

ÐÐ
Comprehensive Web Application Protection —
Radware provides the industry’s best web application
protection based on a positive security model for full
coverage against the OWASP TOP-10 threats and more.
ÐÐ
Adaptive Security Policies — Radware adapts
security policies to optimize coverage to an application’s
threat profile to maximize security coverage and reduce
false positives.

ÐÐ
Automatic Traffic Learning — Radware uses machine
learning algorithms that analyze traffic, learn what
constitutes legitimate behavior and automatically
block/mitigate malicious activity.
ÐÐ
Full PCI Compliance — Radware implements all
10 security mechanisms of PCI-DSS Requirement 6.6.
This includes enforcing a positive security model and
implementing data leakage prevention (DLP) controls.

Figure 2: Cloud WAF Service

BOT MANAGER — BLOCKING BAD BOT TRAFFIC
Radware’s Bot Manager leverages proprietary, semi-supervised machine learning capabilities to provide accurate
detection of bot activity. It delivers comprehensive bot management across all channels, combining behavioral modeling
for granular intent analysis, collective bot intelligence and device fingerprinting. This helps organizations protect against
the threats associated with “bad” bots, including account takeover, scraping data, denying available inventory and
launching denial-of-service attacks to steal data or cause service disruptions.

Key features of Radware Bot Manager include:

ÐÐ
Full Coverage Of OWASP Automated Threats —
Protect from all forms of account takeover, denial
of inventory, DDoS card fraud and web scraping.
ÐÐ
Secure All Channels: Web & Mobile Apps, APIs —
Defend against bots that target digital assets, including
sophisticated bots designed to hit multiple assets.

ÐÐ
Support for Multiple Bot Detection Methods —
Detect and identify bots using a multilayered approach,
including signatures of known bots, HTTP profiling,
device fingerprinting, CAPTCHA, behavioral challenges
and semi-supervised machine learning.
ÐÐ
Nonintrusive Approach — Detect and block
sophisticated humanlike bots in real time using
APIs or an out-of-path mode — all with no impact
on the technology stack.

ÐÐ
Intent-Based Deep Behavioral Analysis (IDBA) —
Identify the intent of bots with the highest precision
through proprietary, semi-supervised machine
learning models.

Figure 3: Radware Bot Manager

CLOUD WORKLOAD PROTECTION SERVICE — PROTECTING THE PUBLIC CLOUD
Radware Cloud Workload Protection Service provides an agentless, cloud-native solution for comprehensive protection
of AWS assets to protect the security posture of cloud environments as well as the individual cloud workloads against
cloud-native attack vectors. Radware detects excessive permissions to workloads, hardens security configurations
before data exposure occurs and detects data theft using advanced machine learning algorithms.

Key features of Radware’s Cloud Workload Protection Service include:

ÐÐ
Comprehensive Cloud Protection — Cloud Workload
Protection Service protects the overall security
posture of the cloud environment as well as the
individual workloads running inside them.
ÐÐ
Context-Aware Smart Hardening — Radware
detects excessive permissions by analyzing the
gap between granted and used permissions, and
provides smart hardening recommendations to fortify
the security posture and reduce attack surfaces.
ÐÐ
Detect Data Theft Activity — Radware uses
advanced machine learning algorithms to identify
anomalous activity within your cloud account and
alert to data theft activity. Radware correlates
individual events using machine learning algorithms
and places them in contextual attack storylines to
block them as they evolve.
ÐÐ
Cloud-Native Solution — Cloud Workload Protection
Service is an agentless, cloud-native solution that
provides low-touch, unobtrusive deployment.
ÐÐ
Centralized Cloud Security Management — Radware
provides centralized visibility and control over large
numbers of cloud-hosted workloads and helps
administrators understand where the attack is
taking place and what assets are threatened.
ÐÐ
Automated Response Mechanisms — Radware
provides built-in measures to automatically remediate
suspicious behavior when it is detected, so you don’t
lose time once a breach is discovered.

Figure 4: Cloud Workload Protection Service

CLOUD MALWARE PROTECTION SERVICE — PROTECTING THE INTERNAL NETWORK
Radware Cloud Malware Protection Service defends against zero-day malware by analyzing internet communication data
collected from a global community of 2 million users. It uses patented machine learning algorithms and unique sandboxing
technology to examine over 100,000 malware samples daily to detect previously unknown malware based on their unique
communication behavior patterns.

Key features of Radware’s Cloud Malware Protection Service include:

ÐÐ
Proactive Protection Against Zero-Day Malware —
This is provided via a continuously updated database
of malicious command & control (C&C) domains and
IP addresses, all drawn from a global community.
ÐÐ
Measure Infrastructure Resilience — Analyze
infrastructure resilience of attempted malicious
outbound communications and compare gateway
performance to global benchmarks.

ÐÐ
Real-Time Alerting — When zero-day malware
is detected in your network, this provides incident
details such as the identity of infected endpoints,
incident history, malware risks and capabilities
and supportive forensic information to help
identify and mitigate vulnerabilities.
ÐÐ
Rich Centralized Dashboard — Displays new threats,
analyzes results and provides visibility across the
entire infrastructure spectrum.
ÐÐ
100% Cloud-Native Solution — No installation
of software or hardware is required at any level.

ÐÐ
Continuous Simulation of Attacks — Simulate
malware currently in the wild without introducing
bad actors into the network and receive
immediate results.

Figure 5: Cloud Malware Protection Service

EMERGENCY RESPONSE TEAM (ERT) — OVERCOMING THE SKILLS GAP
Radware’s ERT is an elite group of security experts available 24x7, every day of the year, for proactive security
support services for customers facing an array of application- and network-layer attacks. Powered by Radware’s
Threat Research Center, ERT engineers combat common and emerging attacks daily and provide customers with
industry-leading expertise, best practices and a deep knowledge of threats, intelligence and mitigation technologies.

Key features of Radware Cloud Workload Protection Service:

ÐÐ
Fastest Attack Mitigation — Fastest-to-detect,
fastest-to-respond and fastest-to-resolve.
Radware’s ERT maintains a 10-minute SLA to
provide organizations under attack with access
to battle-proven security experts.
ÐÐ
Consulting and Reporting — Features monthly
analysis of cyberattacks against your organization
and others to identify attack trends, how your
organization’s network can be impacted and
defense recommendations.

ÐÐ
Preemptive Attack Intelligence — Allows access to
threat alerts, advisories and attack reports provided
by Radware’s Threat Research Center.
ÐÐ
Technical Account Management — Includes a
dedicated and proactive consultant who serves as
a focal point for configuration, tuning, integration
upgrades and attack mitigation.

Figure 6: Emergency Response Team

SUMMARY
The rapid evolution of sophisticated attack vectors means that organizations must deploy defenses with the ability to detect
and characterize attacks and mitigate them swiftly and without impeding legitimate users.

Radware provides a suite of advanced cloud security services that provide comprehensive protection against the latest
attack vectors currently deployed by attackers, which safeguard every facet of an organization’s network and applications.

Radware’s Cloud Security Services offer adaptive, real-time protection against today’s most sophisticated network and web
security threats through best-in-class protection technologies that feature the most comprehensive security coverage.

Certainty Support
Radware offers technical support for all of its products through the Certainty Support Program. Each level of the Certainty
Support Program consists of four elements: phone support, software updates, hardware maintenance and on-site support.
Radware also has dedicated engineering staff members who can assist customers on a professional services basis for
advanced project deployments.

Learn More
To learn more about how Radware’s integrated application delivery and security solutions can enable you to get the most out
of your business and IT investments, email us at info@radware.com or go to www.radware.com.

About Radware
Radware® (NASDAQ: RDWR) is a global leader of cybersecurity and application delivery solutions for physical, cloud and
software-defined data centers. Its award-winning solutions portfolio secures the digital experience by providing infrastructure,
application and corporate IT protection and availability services to enterprises globally. Radware’s solutions empower more
than 12,500 enterprise and carrier customers worldwide to adapt quickly to market challenges, maintain business continuity
and achieve maximum productivity while keeping costs down. For more information, please visit www.radware.com.

Radware encourages you to join our community and follow us on: Radware Blog, LinkedIn, Facebook, Twitter, SlideShare,
YouTube, Radware Connect app for iPhone® and our security center DDoSWarriors.com that provides a comprehensive
analysis of DDoS attack tools, trends and threats.

This document is provided for information purposes only. This document is not warranted to be error-free, nor subject to any other warranties or conditions, whether
expressed orally or implied in law. Radware specifically disclaims any liability with respect to this document and no contractual obligations are formed either directly or
indirectly by this document. The technologies, functionalities, services, or processes described herein are subject to change without notice.

© 2019 Radware Ltd. All rights reserved. The Radware products and solutions mentioned in this brochure are protected by trademarks, patents and pending patent
applications of Radware in the U.S. and other countries. For more details, please see: https://www.radware.com/LegalNotice/. All other trademarks and names are
property of their respective owners.

PRD-Cloud_Security_Services-BR-04-2019/02 - US