Crownpeak's CTO Explains Digital Quality Management & DDoS
It has been a really busy time at Crownpeak, the cloud-based Digital Experience Management (DXM) platform provider. In the last 12-18 months the company has undergone key organizational changes in its leadership team, merged with a digital governance vendor, confirmed a $50 million investment by K1, and so on. Here at CMS-Connected, we wondered what has been cooking in Crownpeak’s kitchen after all these major changes. To hear it first hand, we reached out to Adrian Newby, Chief Technology Officer at Crownpeak Technology, to inquire about the key organizational changes, Crownpeak’s new user interface, and how to combat DDoS attacks.
As you may recall, in April 2016, we reported on the news that CrownPeak had merged with UK-based ActiveStandards, the pioneer who established the enterprise Digital Quality Management (DQM) market. Additionally, another announcement in connection with the merger was made by CrownPeak; the company affirmed a $50 million investment by the West Coast-based venture capital firm, K1 Investment Management, to support the anticipated re-launch as well as future product enhancements.
During the interview, Newby said: “Our dreams have always been bigger than our budget,” when he was talking about the time before the investment happened. Now that the vendor raised $50 million, they substantially expanded their leadership team and added more horsepower in almost their every single focus area.
Crownpeak’s content authoring interface has recently undergone a very significant transformation as well. The company has gone back to the browser and built the entire new user interface around a sole browser which can run either on the desktop or any mobile device. The advantage of this is that users can maintain or edit their websites regardless of their location as long as they have an internet connection. With the new enhancements to its user interface, Crownpeak enables users to customize their experience with the platform, as a content author for instance, may want to see a completely different arrangement than a web developer or an administrator would. When we dove into the differentiators of Crownpeak’s new user interface, Newby told: “One of the things we are most excited about is the ability for content authors to be able to build websites purely using simple drag and drop capabilities. And they can build a page almost as easily as they would build a PowerPoint slide. “
As a provider of the only cloud-first DXM platform to feature built-in Digital Quality Management (DQM), Crownpeak has been doing a lot of work in terms of data quality management. What exactly is data quality management technology, you may ask? Here’s a brief rundown of how DQM help you take care of your business:
Maintain brand integrity across all your digital touchpoints: As Newby stressed in the interview, consistent brand identity is extremely important especially for organizations with hundreds of thousands of websites around the world. Your brand identity consists of specific fonts, colors, guidelines for templates and layouts, consistent use of terminology, language clarity, and the detection of prohibited terms and phrases.
Policy compliance is crucial: The technology ensures that all legally mandated content is present on your site, including data protection, privacy policies, terms and conditions, intellectual property protection and corporate disclaimers while maintaining brand style and the editorial standards.
Make sure that your web page is properly constructed so they perform well in search engines: With the technology, it is easier to ensure your websites stay compliant with your search engine strategy. The technology takes care of effective use of title tags and metadata, optimization of page headings, and correct use of link text and alt image text.
Another area that Crownpeak has been investing in is distributed denial of service (DDoS) attacks. The vendors describe the term as “a technique used by cyber criminals to overwhelm servers with so many requests that it compromises a website (or multiple websites’) availability.” As Newby also mentioned in the interview, The Bank of New York Mellon Corporation asked Crownpeak to design a top-notch DDoS-resilient platform. To leverage the threat protection strategy, the vendor took advantage of Amazon Web Services’ technology. When the solution was completed, they tested it by launching a massive DDoS attack. As a result, 100 million requests a minute and over 1 million requests a second sent to servers didn’t impact the end user experience. The company made a study case out of this experience and presented it in detail at AWS re:Invent 2016. What was unique about that presentation, according to Newby, was the fact that such a big financial institution gave them permission to talk about the case publicly which is obviously rare in the case of a systemically important financial institution.
The demand for Crownpeak's digital experience management platform mostly comes from its combination of excellent cloud capabilities and advanced functionality, such as digital quality management, which are acquired via ActiveStandards and now one of the core services that comes with the product. Newby views Crownpeak Advanced Web Hosting as a very strong weapon to combat many types of cyber-attack techniques such as Layer 3/4 volumetric attacks, Layer 7 attacks, and distributed denial of service (DDoS) attacks. Here are some capabilities of Crownpeak Advanced Web Hosting:
Designed to detect, analyze and defend against Layer 7 application-level DDoS attacks, where traditional cyber security technologies are inadequate at distinguishing between malicious and non-malicious requests.
Customers benefit from domain expertise – Crownpeak’s team handles all strategy, configuration, and implementation giving customers the level of protection needed to filter out malicious traffic, while ensuring legitimate traffic gets access. As new threats in the marketplace emerge, Crownpeak stays ahead of them, making adjustments as needed.
Quick and seamless integration – Can be implemented and configured in just a couple of days.
Collective intelligence – Threat intelligence is pooled so a defense evolved by observing one attack against one customer, becomes immediately available for all customers.
According to Cisco, globally the number of DDoS attacks grew 25 percent in 2015 and will increase 2.6-fold to 17 million by 2020. DDoS attacks can create significant business risks with lasting effects. Being on the receiving end of a DDoS attack is practically impossible to avert. However, the business impact of these attacks can be diminished. Therefore, it is important to have a solid plan and technology in place to combat these threats. As the shift turns from pilot projects to enterprise production, IT involvement is necessary for efficient management and security.