Protecting Against a Share Point Zero Day Vulnerability with Network Fingerprinting
Analysis of attempts to exploit a recent Share Point zero day vulnerability reveal network fingerprinting and classification is a robust defense.
Why Don't We Have an AI UI Yet?
If AI is the next great computer interface, why are we still clicking on icons and navigating menus? Exploring the major hurdles standing between us and a true AI-native operating system.
AI as the Translator Between Human and Machine
We've gone from command lines to graphical interfaces. The next great leap in how we interact with computers won't be seen, it will be understood. AI is poised to become the ultimate translator between human intent and machine execution.
From Research Paper to Running Code
Exploring how AI can dramatically accelerate the process of turning complex academic research into functional code, with examples from anomaly detection to small LLMs.
My Programming Journey
A personal journey through the evolution of programming, from the early days of DOS and BASIC to the current age of AI-assisted coding.
How AI Agents Are Writing Custom Exploits
AI agents with reasoning capabilities like DeepSeek are revolutionizing exploit development, marking the end of traditional security approaches based on static rules and patterns.
A/B Testing, Bots, and the New Normal
How AI agents are skewing marketing metrics and why traditional A/B testing needs to evolve for the age of autonomous digital interactions.
When Bots Are Your Primary Users
An exploration of how AI agents are reshaping API design principles and why we must evolve our approach to serve both machine and human consumers.
Why Reasoning Models Like DeepSeek Change Everything
How open reasoning models transform automation from rigid scripts to autonomous agents, fundamentally changing our approach to security and digital interactions.
Did Residential Proxies enable a $600 Billion loss?
How residential proxy networks may have enabled DeepSeek to bypass AI platform protections, leading to Nvidia's historic market value loss
Visa's Security Roadmap 2025-2028
An analysis of Visa's Security Roadmap 2025-2028 and how Peakhour's solutions help Australian businesses meet these security objectives.
How Bots Are Corrupting Your A/B Testing Data
Understand the impact of bot traffic on A/B testing results and learn how to protect your optimization efforts
The Hidden Cost of Click Fraud
Click fraud drains marketing budgets and corrupts campaign data. Learn how bots and residential proxies impact your ad spend and marketing strategy.
Residential Proxies - The Growing Threat to Ad Campaigns
Learn how distributed bot networks using residential IPs are evolving to evade traditional fraud detection
Next-Generation Application Security Defence Strategies
Comprehensive analysis of AI-powered cyber threats and how modern application security platforms defend against machine learning-driven attacks. Learn advanced defence strategies for the AI cybersecurity arms race.
Application Security Beyond MFA
Multi-factor authentication alone cannot protect against sophisticated AI-powered attacks and residential proxy networks. Learn how modern application security platforms provide comprehensive account takeover prevention through multi-layered defence strategies.
How To Exclude Query String Parameters from Search Engine crawling
Double crawling of pages by search engines due to filtering options and query strings can be a massive drain on server resources. Learn how to control it using robots.txt.
RFC 9460
Introducing SVCB and HTTPS records in DNS and their impact on web connectivity.
Dive into CVSS Scores
Understand CVSS by examining the Atlassian CVE-2023-22515 and CVE-2023-22518.
A Risk Based Approach To Vulnerability Scoring
An in-depth exploration of EPSS, its data-driven approach to assessing cybersecurity threats, and how it complements CVSS.
A Tale Of Two Scoring Systems
Reviewing the CVSS an EPSS CVE scoring systems in light of the Atlassian Confluence-Aggedon
Navigating CDN Consolidation
Explore the complexities of switching CDN providers amid industry consolidation and how Peakhour can assist in the transition
An Overview of JA4+ Network Fingerprinting and Its Implications
An in-depth exploration of the JA4+ network fingerprinting method, its applications, and its role in cybersecurity.
Web scraping another Business' website
Scraping competitor websites is a common practice, but is it legal? Read on to find out.
Interaction to Next Paint (INP)
Google is introducing a new Core Web Vital to replace First Input Delay, read on to learn all about it.
Content and Origin Mounting
Content/Origin mounting allows you to seamlessly bring content together from multiple sources, on to your main website.
ZDNS - scan the entire internet
Details the use of ZDNS, a high-performance DNS toolkit, to create a comprehensive Reverse DNS (rDNS) lookup database by scanning the entire internet, and how randomizing the IP space overcomes UDP timeout issues.
Down But Not Out - JXL Will Return on Safari
What Apple's announcement of JPEG-XL support means for the web ecosystem.
Understanding HTTP Link Headers
HTTP Link headers are a relatively unknown but powerful way to improve page load times.
The Rise of the Dragon
Residential proxy malware, and its implications for traditional cybersecurity measures, emphasising the need for evolving threat detection and mitigation strategies.
Residential Proxies and MITRE Framework
Explore residential proxies within the context of the MITRE ATT&CK framework, highlighting the security implications and ethical considerations.
Residential Proxy Detection
Comprehensive analysis of residential proxy threats and detection strategies for modern application security platforms. Learn how sophisticated threat actors use residential proxies to bypass traditional security measures.
Consistent Hash with Bounded Loads
An overview of consistent hashing with bounded loads, an advanced load balancing technique that ensures a more even distribution of keys across servers, preventing overload and improving system stability.
Double MAD?
This article explores the use of Double Median Absolute Deviation (Double MAD) for anomaly detection in time series data, particularly in skewed or non-symmetric distributions.
Double MAD vs the Rest
A look at the limitations of Double MAD for anomaly detection, and a comparison with the Z-score method, to help you choose the right approach for your data.
Locality Sensitive Hashing
An introduction to Locality Sensitive Hashing (LSH) and its application in load balancing, including consistent hashing and its use in CDNs and Google's Maglev for efficient server pool management.
Scaling anomaly detection with RRCF
Discusses strategies for scaling the Robust Random Cut Forest (RRCF) algorithm for large-scale anomaly detection, including using summary statistics, buffering input, and parallelisation.
Applied RRCF - thresholding techniques.
Explores various thresholding techniques like Median Absolute Deviation (MAD), Min/Max, and Z-Score for interpreting Robust Random Cut Forest (RRCF) anomaly scores, crucial for classifying data points as normal or anomalous.
Multi-Origin Load Balancing
Websites with a global audience need more than just a traditional CDN. They need geographic multi origin load balancing.
Layer 7 DDoS Protection
Comprehensive guide to Layer 7 DDoS protection using strategic caching within application security platforms. Learn how intelligent caching strategies provide robust defence against sophisticated application-layer attacks.
Chrome's TLS Extension Randomisation Experiment
Does TLS extension randomisation assist in hiding Chrome?
Automatic Image Optimisation
Image optimisation saves you bandwidth and designer effort while reduces page load time.
CVE-2022-26134
Peakhour clients are protected against CVF-2022-26134 Atlassian Confluence RCE
Cache-Status
Cache-Status is a proposed standard header to provide visibility into how caching providers interact and handle a request.
Fastly Outage
Fastly, a major CDN provider, had a global outage last night which affected some of the world's largest websites and internet services. Why didn't they have a backup plan?
Setting Up A Chia Hobby Farm
Chia is a new blockchain aiming to one up Bitcoin that's taking the crypto world by storm. We decided to jump on the bandwagon.
What is the Google Chrome UX (CrUX) report, and why you should care.
Learn where Google gets the performance data it uses when ranking your website.
AVIF Support For Automatic Image Optimisation
AVIF is a next generation image format with early support in Chrome and Firefox. Peakhour is pleased to offer AVIF as a supported format to our clients.
Instant Alerts
Introducing Instant Alerts, a new feature for receiving emails or SMS alerts when events happen on your site.