Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

In mid-May 2025, Cloudflare blocked the largest DDoS attack ever recorded: a staggering 7.3 terabits per second (Tbps). This comes shortly after the publication of our DDoS threat report for 2025 Q1 on April 27, 2025, where we highlighted attacks reaching 6.5 Tbps and 4.8 billion packets per second (pps). The 7.3 Tbps attack is 12% larger than our previous record and 1 Tbps greater than a recent attack reported by cyber security reporter Brian Krebs at KrebsOnSecurity.

The dictionary (at least the online version) defines the word trend as a general direction in which something is developing or changing. It also does have a secondary definition relating to fashion, but unless we want to cover off on some questionable choices I made when younger, we can skip that one. When does something move beyond being a trend, and create a lasting shift in behavior–or for the purposes of our discussion, technology?

In enterprise IT, there’s a familiar story: moving applications to the cloud is easy—but securely connecting cloud workloads isn’t. Cloud migration is no longer a question of if, but how fast enterprises can make the shift. As of 2025, an estimated 67% of enterprise infrastructure runs in the cloud, highlighting the widespread adoption of cloud hosting and infrastructure services worldwide.

Today at re:Inforce Amazon Web Services (AWS), unveiled an enhanced version of AWS Security Hub which will enable organizations to surface and prioritize active risks in their cloud environment. Security Hub transforms security signals into actionable insights and offers intuitive visualizations and natural language summaries. Tines will offer workflow orchestration and automation for this enhanced version of Security Hub.

Traditionally, securing APIs in AWS has involved a frustrating trade-off. Obtaining a full view of your API Fabric requires weeks or months of deploying various agents, setting up traffic analysis, and enduring lengthy professional services engagements. The outcome? An unacceptably slow time-to-value that keeps you unaware of potential risks for too long. The main issue hasn't only been locating APIs, but also the extensive wait to identify them. But what if that trade-off is no longer necessary?

As quantum computing creeps closer, the cryptographic mechanisms on which today’s digital world relies are becoming more and more fragile. In a prescient move, AWS Key Management Service (KMS) now supports ML-DSA, one of the first post-quantum digital signatures, which has become a standard under FIPS 203. This is an important step in AWS’s broader efforts to prepare customers for the post-quantum secure future.

At Tines, we rely heavily on AWS Elastic Container Service (ECS) to power our workflow automation platform. For a couple of years, we used Fargate as our default compute layer – offering simplicity and removing the need to manage underlying hosts. However, as we scaled, we started hitting the edges of what Fargate could reliably offer. This is the story of why we migrated our backend services to an EC2-backed ECS Capacity Provider and what we learned along the way.

Today, we’ve announced during AWS re:Inforce 2025 that Cato Networks has received the “Deployed on AWS” badge, which identifies Amazon Web Services (AWS) partners whose products are powered by AWS infrastructure. As a Leader in the 2024 Gartner Magic Quadrant for Single-Vendor SASE, Cato sets the standard for converging networking and security in a single, cloud-native platform.