MazeBolt’s recent webinar with Amir Dahan, Senior Product Manager at Microsoft, and Matthew Andriani, CEO and Founder at MazeBolt, explored why users of Microsoft Azure DDoS Protection reduce the risk of DDoS attack and improve their return on investment by adopting continuous DDoS testing.
Here are some of the insights that were shared during the webinar. You can watch the full webinar on-demand here.
What is a DDoS Attack?
Amir started the webinar by explaining that a DDoS attack takes place when a bad actor utilizes either a compromised bot network or a data stressing tool to flood a target network Cloud resource or application – until a point when it can no longer serve legitimate customer requests. This is due to reasons such as network congestion and ICP utilization.
He added, “Why should customers of Microsoft Azure care about DDoS attacks? The simple reason is that any resource that is receiving traffic from the Internet is susceptible to DDoS attack.”
What Are the Advantages of Continuous DDoS Testing?
MazeBolt sees, on average – based on over 100,000 hours of annual DDoS testing – around a 37% vulnerability level of environments. This means that if a DDoS attack arrives, it’s going through the defenses and taking down services. Obtaining DDoS vulnerability data and remediating DDoS vulnerabilities – as quickly as possible – is critical to preventing a damaging attack.
“Without knowing what the vulnerability data is – basically, you are waiting to see if your defenses can be bypassed,” Matthew explained. “DDoS protection solutions deployed without continuous testing and remediation (a very important component) are going to be vulnerable – very vulnerable. The DDoS protection itself can lead to a damaging attack. MazeBolt’s idea is that you want to uncover these DDoS vulnerabilities prior to an attack.”
Do DDoS Attacks Pose a Risk to Microsoft Azure Users?
Microsoft Azure is well protected at the platform level. Amir shared that, “We work hard to make sure that the data centers in each of the Azure regions and our Azure services are protected against the largest DDoS attacks. In the last couple of years, we successfully mitigated DDoS attacks at a terabytes-per-second capacity.”
He pointed out, “The majority of DDoS attacks are lower in throughput – even lower than 10 million packets per second or 10 gigabytes per second. These attacks are too small to risk Azure. But they may be devastating to your applications that are running on Azure. The downtime costs can be thousands of dollars per minute.”
How Does MazeBolt Differ from Traditional Red Team Testing?
MazeBolt’s RADAR™ patented technology covers 100% of the attack surface, without any disruption to business operations. In contrast, traditional Red Team testing might cover one tenth of 1% of the attack surface, and it requires a maintenance window.
“RADAR is continuously evaluating how automated protections are working,” Matthew says. “MazeBolt runs well over 10,000 DDoS simulations annually – whereas the next best option runs much less, up to . This is because a maintenance period is required when you use any of the traditional methods for finding DDoS vulnerabilities.”
To watch the full webinar on demand, click here. Interested in learning more about MazeBolt RADAR? Speak with an expert!
