Latest news with #websecurity
Yahoo
15 hours ago
- Business
- Yahoo
Is Trending Stock Cloudflare, Inc. (NET) a Buy Now?
Cloudflare (NET) is one of the stocks most watched by visitors lately. So, it might be a good idea to review some of the factors that might affect the near-term performance of the stock. Over the past month, shares of this web security and content delivery company have returned +2.2%, compared to the Zacks S&P 500 composite's +3.3% change. During this period, the Zacks Internet - Software industry, which Cloudflare falls in, has gained 6.1%. The key question now is: What could be the stock's future direction? Although media reports or rumors about a significant change in a company's business prospects usually cause its stock to trend and lead to an immediate price change, there are always certain fundamental factors that ultimately drive the buy-and-hold decision. Revisions to Earnings Estimates Rather than focusing on anything else, we at Zacks prioritize evaluating the change in a company's earnings projection. This is because we believe the fair value for its stock is determined by the present value of its future stream of earnings. Our analysis is essentially based on how sell-side analysts covering the stock are revising their earnings estimates to take the latest business trends into account. When earnings estimates for a company go up, the fair value for its stock goes up as well. And when a stock's fair value is higher than its current market price, investors tend to buy the stock, resulting in its price moving upward. Because of this, empirical studies indicate a strong correlation between trends in earnings estimate revisions and short-term stock price movements. Cloudflare is expected to post earnings of $0.23 per share for the current quarter, representing a year-over-year change of +15%. Over the last 30 days, the Zacks Consensus Estimate remained unchanged. For the current fiscal year, the consensus earnings estimate of $0.84 points to a change of +12% from the prior year. Over the last 30 days, this estimate has changed -9.1%. For the next fiscal year, the consensus earnings estimate of $1.09 indicates a change of +29.4% from what Cloudflare is expected to report a year ago. Over the past month, the estimate has changed +4.8%. Having a strong externally audited track record, our proprietary stock rating tool, the Zacks Rank, offers a more conclusive picture of a stock's price direction in the near term, since it effectively harnesses the power of earnings estimate revisions. Due to the size of the recent change in the consensus estimate, along with three other factors related to earnings estimates, Cloudflare is rated Zacks Rank #3 (Hold). The chart below shows the evolution of the company's forward 12-month consensus EPS estimate: 12 Month EPS Revenue Growth Forecast Even though a company's earnings growth is arguably the best indicator of its financial health, nothing much happens if it cannot raise its revenues. It's almost impossible for a company to grow its earnings without growing its revenue for long periods. Therefore, knowing a company's potential revenue growth is crucial. For Cloudflare, the consensus sales estimate for the current quarter of $544.06 million indicates a year-over-year change of +26.5%. For the current and next fiscal years, $2.11 billion and $2.66 billion estimates indicate +26.7% and +25.7% changes, respectively. Last Reported Results and Surprise History Cloudflare reported revenues of $512.32 million in the last reported quarter, representing a year-over-year change of +27.8%. EPS of $0.21 for the same period compares with $0.2 a year ago. Compared to the Zacks Consensus Estimate of $500.72 million, the reported revenues represent a surprise of +2.32%. The EPS surprise was +16.67%. Over the last four quarters, Cloudflare surpassed consensus EPS estimates three times. The company topped consensus revenue estimates each time over this period. Valuation No investment decision can be efficient without considering a stock's valuation. Whether a stock's current price rightly reflects the intrinsic value of the underlying business and the company's growth prospects is an essential determinant of its future price performance. While comparing the current values of a company's valuation multiples, such as price-to-earnings (P/E), price-to-sales (P/S), and price-to-cash flow (P/CF), with its own historical values helps determine whether its stock is fairly valued, overvalued, or undervalued, comparing the company relative to its peers on these parameters gives a good sense of the reasonability of the stock's price. As part of the Zacks Style Scores system, the Zacks Value Style Score (which evaluates both traditional and unconventional valuation metrics) organizes stocks into five groups ranging from A to F (A is better than B; B is better than C; and so on), making it helpful in identifying whether a stock is overvalued, rightly valued, or temporarily undervalued. Cloudflare is graded F on this front, indicating that it is trading at a premium to its peers. Click here to see the values of some of the valuation metrics that have driven this grade. Conclusion The facts discussed here and much other information on might help determine whether or not it's worthwhile paying attention to the market buzz about Cloudflare. However, its Zacks Rank #3 does suggest that it may perform in line with the broader market in the near term. Want the latest recommendations from Zacks Investment Research? Today, you can download 7 Best Stocks for the Next 30 Days. Click to get this free report Cloudflare, Inc. (NET) : Free Stock Analysis Report This article originally published on Zacks Investment Research ( Zacks Investment Research
Zawya
17-07-2025
- Business
- Zawya
AWS WAF reduces web application security configuration steps and provides expert-level protection
Dubai, UAE – AWS has announced general availability of the AWS WAF simplified console experience that reduces web application security configuration steps by up to 80% and provides expert-level protection to help optimize application security. AWS WAF helps protect web applications and APIs against common web exploits and bots that could affect availability, compromise security, or consume excessive resources. Security teams can now implement comprehensive protection for applications within minutes through pre-configured protection packs that incorporate AWS security expertise and are continuously updated to address emerging threats. These templates provide extensive security coverage including protection against common web vulnerabilities, malicious bot traffic, application layer DDoS events, and API-specific threats, all customized to your application type. With the new console experience, select the application type, such as E-commerce platforms or transaction processing applications, to automatically apply expert-curated protection rules optimized for the specific use case. The unified dashboard provides consolidated security metrics, threat detection, and rule performance data, enabling security teams to quickly identify and respond to potential threats while maintaining full security control. Key security controls, including rate limiting, geographic restrictions, and IP reputation filtering, can be customized through an intuitive single-page interface that reduces configuration time. The new AWS WAF console experience is available in all AWS Regions. About Amazon Web Services Since 2006, Amazon Web Services has been the world's most comprehensive and broadly adopted cloud. AWS has been continually expanding its services to support virtually any workload, and it now has more than 240 fully featured services for compute, storage, databases, networking, analytics, machine learning and artificial intelligence (AI), Internet of Things (IoT), mobile, security, hybrid, media, and application development, deployment, and management from 114 Availability Zones within 36 geographic regions, with announced plans for 16 more Availability Zones and five more AWS Regions in Chile, New Zealand, the Kingdom of Saudi Arabia, Taiwan, and the AWS European Sovereign Cloud. Millions of customers—including the fastest-growing startups, largest enterprises, and leading government agencies—trust AWS to power their infrastructure, become more agile, and lower costs. To learn more about AWS, visit About Amazon Amazon is guided by four principles: customer obsession rather than competitor focus, passion for invention, commitment to operational excellence, and long-term thinking. Amazon strives to be Earth's Most Customer-Centric Company, Earth's Best Employer, and Earth's Safest Place to Work. Customer reviews, 1-Click shopping, personalized recommendations, Prime, Fulfillment by Amazon, AWS, Kindle Direct Publishing, Kindle, Career Choice, Fire tablets, Fire TV, Amazon Echo, Alexa, Just Walk Out technology, Amazon Studios, and The Climate Pledge are some of the things pioneered by Amazon. For more information, visit and follow @AmazonNews.
Yahoo
27-06-2025
- Business
- Yahoo
Leeds United and Reflectiz Partner to Share Insights on Proactive Web Security After Cyber Attack
LEEDS, England, June 27, 2025 /PRNewswire/ -- Leeds United FC, a globally recognized football club, and Reflectiz, a leading provider of proactive web security, today announced an upcoming webinar titled "Beyond the Breach: How Leeds United Achieved Proactive Web Security After a Magecart Attack." This essential webinar will delve into the critical topic of client-side security, offering invaluable lessons from Leeds United's real-world experience with a Magecart attack. This live webinar will feature Graham Peck, Head of IT and Security at Leeds United, who will provide a firsthand account of the Magecart attack on the club's online shop in February 2025. He will share the challenges faced and the pivotal steps taken to enhance their web security posture. Joining Graham Peck will be Isaac Moddel, VP Sales at Reflectiz, an expert in client-side security. Moddel will offer strategic insights into understanding, preventing, and mitigating the growing threat of Magecart attacks and other client-side vulnerabilities. Attendees will learn about: Understanding the threat of Magecart and E-skimming. Detailed insights into the Leeds United incident and its aftermath. The critical importance of supply chain visibility Strategies for moving from reactive incident response to proactive security measures. How Reflectiz's advanced functionalities provide comprehensive immunity to client-side attacks. This webinar is a must-attend for IT professionals, cybersecurity experts, e-commerce managers, and anyone responsible for maintaining the security and integrity of online platforms. Gain actionable insights and best practices to safeguard your digital assets and customer data. Webinar Details: Date: Wednesday, July 2nd, 2025 Time: 10:00 AM GMT (approx 45 min) Speakers: Graham Peck (Head of IT and Security, Leeds United) and Isaac Moddel (VP Sales, Reflectiz) Registration: About Leeds United Leeds United Football Club, based in West Yorkshire, England, is a professional football club with a rich history dating back to 1919. Playing their home matches at Elland Road, the club has spent much of its existence in the top tiers of English football, achieving notable successes including three League Championship titles, one FA Cup, and one League Cup. Known as "The Whites," Leeds United boasts a passionate global fanbase and is a significant institution in English football. About Reflectiz Reflectiz is a leading cybersecurity company specializing in next-generation web threat management. Years of research by cybersecurity experts have led to the development of our cutting-edge platform, which is trusted by global companies to keep their websites secure. Recognized by Gartner for innovation in website security, Reflectiz is dedicated to combating today's web threats and making the internet a safer place for businesses and customers alike. ContactVP MarketingDaniel SharabiReflectizdaniel.s@ Photo - View original content to download multimedia: SOURCE Reflectiz
Forbes
23-06-2025
- Forbes
Understanding And Improving Web Security Performance
Alexander Krizhanovsky is CEO of Tempesta Technologies and the architect of Tempesta FW. The cornerstone of a secure web architecture is a web application firewall (WAF). A WAF is essentially a web proxy that sits in front of your web application, detecting and blocking web attacks and application-layer DDoS attacks. Although some vendors focus exclusively on web API security, modern next-generation WAFs typically include API protection as well. For simplicity, 'WAFs' will refer to solutions that also handle API security. Performance Issues In Web Security Although WAFs are designed to protect web applications, they often suffer from low performance (download), leading to not only scalability limitations but also security issues. A high-quality, deep-inspection WAF might process only 1,000 to 5,000 requests per second (RPS), depending on the vendor and workload. Under heavy load, latency for the 99.9th percentile and above can exceed one second. Given that an average web page triggers dozens of HTTP requests, WAF-induced latency may result in 10 seconds or more total page load time. In contrast, open-source web proxies like NGINX or HAProxy can easily handle 100,000 RPS and have just several milliseconds of latency for the 99.9th percentile. The reason WAFs are so much slower is the intensive logic applied to every request and response: normalization of input data, hundreds of complex regular expressions, validation routines for various data types, the logic tailored to specific frontend/backend frameworks and dozens of other things. Scaling a WAF to 100,000 RPS and beyond can be cost-prohibitive, especially for high-traffic infrastructures. Yet, even smaller web services (100 to 1,000 RPS) can experience traffic surges from DDoS or AI-feeding bots. Web Bots And DDoS Attacks Advanced proxy services now help web bots (e.g., scrapers) avoid detection. Although bots often aren't intended to cause DDoS, their inaccurate logic in fetching information can have that effect. For instance, recently experienced such a case. The AI industry's demand for data has also fueled the growth of bot-avoidance tools. WAFs' DDoS Weakness Any slow logic is a potential DDoS vector—WAFs included. A well-known example is a regular expression denial of service (ReDoS), where inefficient regular expressions, or regexes, are exploited to spike CPU usage. Rate limits are a basic but effective mitigation tool. However, they're hard to configure safely so they don't affect normal users, are vulnerable to misjudged thresholds and can be inflexible with unexpected marketing surges or application degradations. Thus, more sophisticated traffic analysis—often powered by machine learning (ML)—is required. But ML-based systems need time (often several minutes) to observe classification traffic and react. This means DDoS attacks can succeed temporarily before protection kicks in. In LWN's case, bots used a proxy network distributing requests across millions of IP addresses, with each sending a single browser-mimicking request. Such attacks are hard to detect and often slip through defenses. Architectural Limits Of Traditional WAFs Most WAFs are built on general-purpose web servers like NGINX or Envoy, which are optimized for daily workloads, not for aggressively filtering malicious traffic with minimal resource consumption. Common inefficiencies include redundant data copies and inspections of the same data. Also, the event handling model of a web server isn't well suited to heavy request processing. Cloudflare, for example, has blogged extensively about optimizing and reworking NGINX internals to improve WAF performance. Improving Web Security Performance One solution is to introduce a lightweight application-level load balancer in front of the WAF. This component classifies requests and forwards to the WAF just the ones needing inspection, such as dynamic content requests, and offloads the WAF by caching responses. Ideally, the load balancer should be a lightweight WAF itself to block trivial attacks early. It should also come from a different vendor to reduce the risk of shared weaknesses that attackers could exploit to bypass protection. It should also include caching to reduce backend load. To resist cache-targeted attacks (e.g., web cache deception), this balancer must support secure caching logic. Keeping only a small, hot subset of resources in RAM helps ensure resilience to (semi-)random URL DDoS attacks, reducing disk I/O bottlenecks. If your WAF uses ML for detection, it may benefit from visibility into all traffic, not just what passes through the cache. In such cases, extended access logs from the balancer should be fed into the WAF's ML pipeline. Lastly, the load balancer should include a programmable rules engine, allowing WAF rules to be offloaded when safe, improving efficiency by blocking bad traffic earlier. Conclusion Web security and performance are tightly linked aspects of any web application: It's impossible to achieve strong security on an underperforming infrastructure. The performance and scalability of WAFs are crucial for effective DDoS resistance. This becomes even more critical with the growth and diversity of AI-driven businesses employing advanced bots for scraping—these bots are hard to detect and may cause severe accelerators not only mitigate the performance degradations introduced by WAFs but also enhance DDoS protection, enable cost-effective scalability and even improve the overall security of architectures that use WAFs. Forbes Technology Council is an invitation-only community for world-class CIOs, CTOs and technology executives. Do I qualify?
Yahoo
16-06-2025
- Business
- Yahoo
Cloudflare, Inc. (NET) is Attracting Investor Attention: Here is What You Should Know
Cloudflare (NET) is one of the stocks most watched by visitors lately. So, it might be a good idea to review some of the factors that might affect the near-term performance of the stock. Shares of this web security and content delivery company have returned +9.4% over the past month versus the Zacks S&P 500 composite's +1.7% change. The Zacks Internet - Software industry, to which Cloudflare belongs, has gained 3.6% over this period. Now the key question is: Where could the stock be headed in the near term? Although media reports or rumors about a significant change in a company's business prospects usually cause its stock to trend and lead to an immediate price change, there are always certain fundamental factors that ultimately drive the buy-and-hold decision. Here at Zacks, we prioritize appraising the change in the projection of a company's future earnings over anything else. That's because we believe the present value of its future stream of earnings is what determines the fair value for its stock. We essentially look at how sell-side analysts covering the stock are revising their earnings estimates to reflect the impact of the latest business trends. And if earnings estimates go up for a company, the fair value for its stock goes up. A higher fair value than the current market price drives investors' interest in buying the stock, leading to its price moving higher. This is why empirical research shows a strong correlation between trends in earnings estimate revisions and near-term stock price movements. Cloudflare is expected to post earnings of $0.18 per share for the current quarter, representing a year-over-year change of -10%. Over the last 30 days, the Zacks Consensus Estimate has changed +8.2%. For the current fiscal year, the consensus earnings estimate of $0.79 points to a change of +5.3%. from the prior year. Over the last 30 days, this estimate has changed -2.1%. For the next fiscal year, the consensus earnings estimate of $1.04 indicates a change of +31.6% from what Cloudflare is expected to report a year ago. Over the past month, the estimate has remained unchanged. With an impressive externally audited track record, our proprietary stock rating tool -- the Zacks Rank -- is a more conclusive indicator of a stock's near-term price performance, as it effectively harnesses the power of earnings estimate revisions. The size of the recent change in the consensus estimate, along with three other factors related to earnings estimates, has resulted in a Zacks Rank #3 (Hold) for Cloudflare. The chart below shows the evolution of the company's forward 12-month consensus EPS estimate: While earnings growth is arguably the most superior indicator of a company's financial health, nothing happens as such if a business isn't able to grow its revenues. After all, it's nearly impossible for a company to increase its earnings for an extended period without increasing its revenues. So, it's important to know a company's potential revenue growth. For Cloudflare, the consensus sales estimate for the current quarter of $500.72 million indicates a year-over-year change of +24.9%. For the current and next fiscal years, $2.09 billion and $2.64 billion estimates indicate +25.4% and +26.1% changes, respectively. Cloudflare reported revenues of $479.09 million in the last reported quarter, representing a year-over-year change of +26.5%. EPS of $0.16 for the same period compares with $0.16 a year ago. Compared to the Zacks Consensus Estimate of $468.74 million, the reported revenues represent a surprise of +2.21%. The EPS surprise was 0%. Over the last four quarters, Cloudflare surpassed consensus EPS estimates three times. The company topped consensus revenue estimates each time over this period. No investment decision can be efficient without considering a stock's valuation. Whether a stock's current price rightly reflects the intrinsic value of the underlying business and the company's growth prospects is an essential determinant of its future price performance. While comparing the current values of a company's valuation multiples, such as price-to-earnings (P/E), price-to-sales (P/S), and price-to-cash flow (P/CF), with its own historical values helps determine whether its stock is fairly valued, overvalued, or undervalued, comparing the company relative to its peers on these parameters gives a good sense of the reasonability of the stock's price. As part of the Zacks Style Scores system, the Zacks Value Style Score (which evaluates both traditional and unconventional valuation metrics) organizes stocks into five groups ranging from A to F (A is better than B; B is better than C; and so on), making it helpful in identifying whether a stock is overvalued, rightly valued, or temporarily undervalued. Cloudflare is graded F on this front, indicating that it is trading at a premium to its peers. Click here to see the values of some of the valuation metrics that have driven this grade. The facts discussed here and much other information on might help determine whether or not it's worthwhile paying attention to the market buzz about Cloudflare. However, its Zacks Rank #3 does suggest that it may perform in line with the broader market in the near term. Want the latest recommendations from Zacks Investment Research? Today, you can download 7 Best Stocks for the Next 30 Days. Click to get this free report Cloudflare, Inc. (NET) : Free Stock Analysis Report This article originally published on Zacks Investment Research ( Zacks Investment Research Error in retrieving data Sign in to access your portfolio Error in retrieving data Error in retrieving data Error in retrieving data Error in retrieving data
