Security on Wirez

Route origin security gaps in East Asia's IPv4

Tue, 24 Mar 2026 00:00:00 +0000

Global Route Origin Authorization coverage hit 60.3% in February 2026, yet APNIC's uneven 55. APNIC's rpkis 2025 year in review 5% adoption rate exposes critical interconnectivity risks.

RIPE Fellowship 2026: Why 10 New Fellows Matter

Tue, 17 Mar 2026 00:00:00 +0000

The RIPE NCC selected 16 new fellows for RIPE 92 and 93 on 17 Mar 2026 to fix the broken pipeline of internet governance talent. Ripe 848 This program is not merely a travel grant; it is a strategic intervention designed to align individual ambition with the critical infrastructure gaps plaguing the region. While global connectivity hovers near saturation, the technical mechanisms ensuring that connectivity remains secure are failing to keep pace with user growth.

Cloudflare remediation stops SaaS link risks fast

Tue, 03 Mar 2026 00:00:00 +0000

Cloud attacks surged 26% in 2024, proving that visibility without automated remediation is merely a delay tactic. Cloudflare's casb ga The narrative explores how security teams can finally bypass the friction of manual ticketing and external admin consoles by using Remediation actions directly inside the Cloudflare One dashboard. Instead of flagging overshared files in Microsoft 365 or Google Workspace and waiting for IT to respond, administrators can now instantly revoke public links or restrict domain-wide access with a single click. This capability addresses the critical gap where dangerous configurations persist simply because the fix requires too many steps across disjointed interfaces.

Reactive detection leaves invisible weaknesses open

Tue, 03 Mar 2026 00:00:00 +0000

With global spending hitting $520 billion in 2026, email security still fails because its worst vulnerabilities remain invisible. The industry's reliance on reactive fixes creates a dangerous blind spot where only AI-driven analysis can reveal the threats that bypass initial filters. The narrative draws on Abraham Wald's World War II insight regarding "planes that didn't make it back" to illustrate how traditional defenses ignore messages that never trigger user reports. While organizations pour resources into perimeter defense, detection gaps persist because standard improvements rely entirely on post-breach user submissions. This reactive loop ensures defenders only patch holes after attackers have already succeeded, leaving the most critical weaknesses unaddressed.

Cloudflare data reveals origin server lag today

Fri, 27 Feb 2026 00:00:00 +0000

Over 60% of client connections now support post-quantum encryption, yet origin server readiness remains the critical blind spot. Cloudflare radars 2023 overview of new tools and insights Cloudflare Radar exposes this disconnect by shifting visibility from edge metrics to the actual security posture of customer infrastructure. The platform's latest update argues that true durability requires auditable proof of hybrid key exchange deployment and rigorous routing security validation, not just theoretical compatibility.

Routing security gaps threaten your 2026 supply chain

Thu, 26 Feb 2026 00:00:00 +0000

With global cybercrime costs hitting $10.8 trillion in 2026, ignoring Internet routing security is financial suicide. Dan Fidler's February 2026 MANRS paper argues that enterprises must treat the global routing system as a critical, under-managed supply chain dependency rather than a background utility. The thesis is clear: voluntary operator goodwill has failed, and only aggressive demand-side pressure via enterprise procurement can force the adoption of necessary safeguards.

ASPA vs PeerLock: The Real Tradeoffs Explained

Sun, 01 Feb 2026 00:00:00 +0000

With ARIN reporting full ASPA availability in March 2026, the era of theoretical BGP security has abruptly ended. Arin bits march 2026 The industry's reliance on manual AS-PATH policies is no longer a stopgap but a deliberate strategic choice between proprietary control and standardized validation. As networks face increasing pressure to secure the shared substrate of global IP connectivity, operators must decide whether to implement sharp, exclusionary tools like peerlock or adopt the broader, automated reach of ASPA.

ASPATH length traps: When short routes risk security

Thu, 01 Jan 2026 00:00:00 +0000

Shorter AS_PATH lengths win route selection when other BGP criteria tie, per RFC 4271.

In reality, actual reachability depends entirely on external filtering policies and RPKI validation, not just path metrics. As bogdancyber clarified on the NANOG mailing list in January 2026, conflating path brevity with trust creates dangerous blind spots in risk modeling for potential hijacks.

Machine learning misses real BGP security flaws

Thu, 01 Jan 2026 00:00:00 +0000

Tom Beecher rejected the BGP Security Intelligence Platform immediately after reading claims that as_path length dictates routing credibility. This skepticism highlights a critical flaw in current predictive modeling: relying on outdated heuristics rather than verifiable propagation data. The article argues that effective risk assessment demands discarding static path assumptions in favor of dynamic, origin-side vulnerability scoring combined with real-time structural analysis.

Predictive routing intelligence stops BGP outages early

Thu, 01 Jan 2026 00:00:00 +0000

Only 38% of RADB records matched RPKI data in 2021, proving that reactive monitoring leaves the majority of routing infrastructure exposed to preventable hijacks. The BGP Security Intelligence Platform fundamentally shifts operations from passive alerting to predictive routing-risk intelligence by analyzing origin-side vulnerabilities before they trigger outages. This architecture moves beyond simple route change notifications to anticipate where malformed announcements will propagate based on structural weaknesses.