Many of your team members may have CISSP or other security certifications, which they received by learning specific material and then getting tested for proficiency. Many of the processes within your organization are ISO certified. Your company has regular fire drills to ensure that everyone can quickly follow the emergency evacuation plans.
Preparing for the inevitable
Because DDoS attacks do not occur as frequently as “traditional” cyberattacks like malware, trojans, ransomware, worms, etc., which generally are happening daily, your DDoS protection system doesn’t generally have the “opportunity” to prove that it’s working as well as your other infrastructure.
Even if your DDoS mitigation system successfully defended against a DDoS attack last year, that same level of defense may not be available now. Networks have many points of failure simply due to the complexity of hardware or service deployments in place and they are constantly evolving and changing – thus opening up new vulnerabilities. Some devices may be unable to protect against DDoS attacks because they have been misconfigured. Others don’t work because the software hasn’t been upgraded.
Out-of-the-box DDoS protection only partially works
Out of the box, most DDoS protection setups only protect against 55% of common types of attacks on average.
We generally put DDoS attacks into about 18 major “families,” with the attack variations numbering into the hundreds or even thousands of specific DDoS attack vectors.
The problem lies in the types of attacks that bypass your particular DDoS mitigation configuration – this is known as your DDoS gap.
Next steps – Closing the Gap
Do you know how big your DDoS Gap is, and which DDoS attack vectors your mitigation is vulnerable to? There’s only one way to find out. Put your system to the test.
Comprehensive DDoS tests against your infrastructure can help you discover exactly where your DDoS gap is and how big it is.
MazeBolt’s BaseLine DDoS test will stress and validate your system to identify the specific points of failure and deliver the actionable intelligence your team needs to significantly reduce your DDoS gap.