Abstract: Methods, non-transitory computer readable media, network traffic management apparatuses, and network traffic management systems that identify when a domain name identifier in a received request matches one of a plurality of domain names stored in a whitelist domain name storage. When the identification indicates the received domain name identifier fails to match one of the plurality of domain names stored in the whitelist domain name storage, then a determination is made on whether the received request is a suspicious request. Another storage is updated when the determination indicates the received request is the suspicious request or otherwise updating the received request as a valid request.

Abstract: Methods, non-transitory computer readable media, attack mitigation apparatuses, and network security systems that maintain an application context model for a protected application based on ingested logs. The application context model includes a map of network infrastructure associated with the protected application. Using the application context model, potential attack(s) against the protected application are identified and possible mitigation action(s) to take in response to one or more of the identified potential attack(s) are scored. A stored policy is executed to evaluate the possible mitigation action(s) based on the scoring. One or more of the possible mitigation action(s) are initiated on the identified potential attack(s) based on the evaluation. With this technology, malicious network activity can be more effectively and quickly detected and mitigated resulting in improved network security.

Abstract: Methods, non-transitory computer readable media, attack mitigation apparatuses, and network security systems that maintain an application context model for a protected application based on ingested logs. The application context model includes a map of network infrastructure associated with the protected application. Using the application context model, potential attack(s) against the protected application are identified and possible mitigation action(s) to take in response to one or more of the identified potential attack(s) are scored. A stored policy is executed to evaluate the possible mitigation action(s) based on the scoring. One or more of the possible mitigation action(s) are initiated on the identified potential attack(s) based on the evaluation. With this technology, malicious network activity can be more effectively and quickly detected and mitigated resulting in improved network security.