Learn About
Security Trends

Since its beginnings, Shape has aimed to share knowledge by hosting developer meetups,
contributing to open-source forums, and publishing insights from the Shape Network.

Featured Blog Posts

Biggest Threat to Retail? (hint: it's not Amazon)

February 9, 2018

Retailers lost a whopping $57B to online attacks in 2017, eclipsing losses from shoplifting and inventory shrinkage. The biggest online threat: Account takeover.

Shape Security Trends BlogRead More > > >

Introducing Blackfish, a system to help eliminate the use of stolen passwords

November 7, 2017

Today we’re releasing Blackfish, a system that proactively protects companies from credential stuffing before an attack takes place.

Shape Security Trends BlogRead More > > >

How Cybercriminals Bypass CAPTCHA

July 12, 2017

One thing the world can consistently agree on is that CAPTCHAs are annoying. The puzzle always appears in the most inconvenient of places. Online gift card purchases. Creating an account on an ecommerce webpage. Typing in those hard to memorize credentials one too many times.

Shape Security Trends BlogRead More > > >

World Kill the Password Day

May 4, 2017

Today is World Password Day. It’s also Star Wars Day, which will get far more attention from far more people (May the Fourth be with you). This confusion is appropriate for World Password Day, because while the occasion is about improving password habits, the world has turned decidedly against passwords. Why haven't we killed passwords as a method of authentication yet?

Shape Security Trends BlogRead More > > >

2017 Credential Spill Report

January 17, 2017

Over the past 12 months, we have seen dozens of the world’s largest online services report that they had been breached by attackers who were able to gain access to their customers’ login credential data. By the end of 2016, over three billion credentials in total were reported stolen, at an average pace of one new credential spill reported every week.

Shape Security Trends BlogRead More > > >

The Right to Buy Tickets

December 16, 2016

With President Obama’s signing of the Better Online Ticket Sales (BOTS) Act of 2016 and the passing of recent legislation in New York, there are signs of hope that beginning in 2017, humans may once again have a fighting chance of purchasing a ticket to a hot concert, show or event.

Shape Security Trends BlogRead More > > >

Don’t Let Stolen Credentials Ruin Your Holiday Gift Giving

November 23, 2016

2016 is the year of stolen credentials used for account takeover; the holiday season, starting with Cyber Monday, is the peak time at risk for the retail industry.

Shape Security Trends BlogRead More > > >

Pokémon Go API - A Closer Look at Automated Attacks

August 16, 2016

Tens of millions of people are out exploring the new world of Pokémon Go. It turns out that many of those users are not people at all, but automated agents, or bots. Game-playing bots are not a new phenomenon, but Pokémon Go offers some new use cases for bots.

Shape Engineering BlogRead More > > >

The Half-Day Attack: From Compromise to Cash with Sentry MBA

March 9, 2016

Sentry MBA, an automated attack tool used to take over accounts on major websites, makes cybercrime accessible to legions of attackers across the globe. Sentry MBA illustrates the pivotal role automation plays in online attacks and shows how cybercrime is increasingly compartmentalized and commoditized.

Shape Security Trends BlogRead More > > >


Under Cyberattack?
Test drive shape rapid defense.

Get Threat Assessment