Detecting and Eliminating DDoS Threats Before An Attack
THE DDoS Vulnerability GAP
There are thousands of potential DDoS vulnerabilities that can be exploited in any IT infrastructure. These potential vulnerabilities are referred to as the - DDoS Vulnerability Gap. When the gap is exploited, DDoS traffic bypasses a company’s DDoS mitigation defenses and penetrates the target network, causing system disruption and downtime.
Mitigation solutions do not constantly re-configure and fine tune their DDoS mitigation postures. Leaving their ongoing visibility limited and leaving them to troubleshoot issues at the very worst possible time, that is, when systems are brought down by a successful DDoS attack. These solutions are reactive, reacting to an attack and not foreseeing it.
Testing companies, DDoS Red Team Testing simulates a variety of real DDoS attack vectors in a controlled manner to validate the human red teams procedural response to a DDoS attack. Red team testing does not evaluate the companies vulnerability level to DDoS attacks and is usually performed on average twice yearly. This testing is very disruptive to IT systems and leads to disruption of on-going operations, so requires a planned maintenance window.
MazeBolt’s DDoS Security Platform closes the gap by working as a non-disruptive top layer on any DDoS Mitigation system. Through continuous identification and remediation of the mitigation systems vulnerabilities and not just the human readiness to an attack. Ultimately avoiding downtime and almost eliminating inline mitigation vulnerabilities before an attack happens and without the need for disruptive maintenance windows.
Red Team Vs. Mitigation Vs. RADAR™
| Description | |||
|---|---|---|---|
| Very high chance of Downtime during attack | YES | 48% Chance | NO |
| Testing frequency | About twice a year | N/A | Continuous |
| DDoS attack vectors checked per target | Less than 20 | N/A | More than 100 |
| How many target IP's tested - Against all attack vectors | Sample - Under 5 IP's | N/A | Complete - Over 1000 IP's |
| Vulnerability gap average | 48% | 48% | Under 2% |
| Vulnerability reports | Per test | NO | Continuous - Daily |
| Cost | $ | $$$ | $$ |
| Attack response | N/A | Reactive when an attacks happens | Continuous before an attack happens |
| Detection of successful attacks | Sample detection only - At time of test - time of test only | Partial detection - during attack | Full detection - Before an attack & continuous |
| Added costs for Red Team testing - On Demand | YES | N/A | NO |
“Downtime costs increased 200 percent year-over-year.”
(*300+ Terrifying Cybercrime and Cybersecurity Statistics & Trends [2020] EDITION)
“The average cost of downtime is 23 times higher than the average ransom amount.”
(*300+ Terrifying Cybercrime and Cybersecurity Statistics & Trends [2020] EDITION)
Enterprise Use Case
Constantly changing and dynamic systems are continuously open to DDoS attacks.
Initial DDoS Risk (% of DDoS vulnerabilities identified on first cycle)
Launched new web applications without aligning with DDoS mitigation configuration
Added new IP addresses and upgraded network equipment
In 2019, the number of DDoS attacks increased by almost 50% over the previous year. The average duration of attacks also increased around 50%.
(Kaspersky Labs report 2019)
