Frequently Asked Questions

DDoS RADAR™

MazeBolt's professional services are top experts worldwide in the DDoS field. Many of them originally come from various other leading DDoS mitigation companies. MazeBolt's professional services allows for -

Strong support - MazeBolt's professional services allow our customers to focus on their business, using our experience in DDoS mitigation to assist in liaising with DDoS mitigation vendors. MazeBolt will make closing vulnerabilities a painless process. We are with you every step of the way.
Professional services with leading DDoS experts - Our DDoS experts have all come from leading DDoS Mitigation companies and understand both defense and attack. We have worked with over 100 enterprise organizations consulting on vendor remediation, real-time attack analysis, and deep DDoS architecture planning & understanding.
The liaison with your mitigation company - Our professional service DDoS experts will guide your remediation efforts with your DDoS mitigation vendors. If required, our professional service can also help plan new architectural changes.
Customize attack simulation vectors to add to RADAR™️ - If your organization requires specific attack vectors for proprietary reasons. MazeBolt's professional services, together with R&D, will design, implement, and QA your required attack vectors, to be an ongoing part of your RADAR™️ platform.

How many simulated DDoS attacks does RADAR™️ run a year?

How does MazeBolt remediate the DDoS risks it finds with RADAR™️?

Every vulnerability discovered by RADAR™️ has all the data required to fine-tune the DDoS mitigation policy; for example, the amount of attack simulation sent and attack traffic received, together with other important reporting parameters. This information allows the DDoS mitigation vendor and MazeBolt to coordinate a perfect policy change for each vulnerability discovered. Because the technology is non-disruptive, revalidating can be done in real-time to fine-tune security policies. Each customer has different requirements, and a mutually agreed-upon schedule for simulations and vulnerability reporting, and remediation intervals is designed together with MazeBolt’s professional services. Providing end-to-end full vulnerability identification coverage and vulnerability remediation management.

How does the non-disruptive DDoS RADAR™ work?

How often does the DDoS RADAR™ report on DDoS Vulnerabilities?

What de-bugging information do the Vendor reports contain on the DDoS Mitigation Gaps identified?

The DDoS RADAR™ vendor reports include a comprehensive and complete story of what took place during that particular DDoS attack simulation. For example, on a per attack simulation basis, the vendor can see:

Duration of DDoS attack simulation
Rate of DDoS attack simulation
Cumulative attack simulation traffic sent
Cumulative attack simulation traffic received
Target response monitoring during DDoS attack simulation
Graphical illustrations of charting during attack simulation
Knowledge base article on attack simulation with PCAP example of an attack

Can I also auto-generate an Executive Report for management?

Do I have access to low-level DDoS vulnerability reporting?

How long does each DDoS Testing cycle run for?

What are the sizes of the attacks that the DDoS RADAR™ test runs?

What data from the network traffic it monitors does the DDoS RADAR™ read?

Does the DDoS RADAR™ read Personally identifiable information (PII)?

Does the DDoS RADAR™ decrypt traffic?

What meta data from the packets is used by the DDoS RADAR™?

We identify our attack traffic by looking for and filtering our attack traffic's source IPs only. In a default configuration, we do not even capture any other traffic other than traffic originating from MazeBolt source IPs. However, there is an exception to this rule, and that is for CDN-based traffic, this will turn the device into a mode whereby we begin capturing all traffic, identifying the true source IP in the X-Forward-For header, and then using those statistics to send out. It is important to note that we send out ONLY traffic statistics, and NO PII information or any other data other then TCP related data is sent out via our secure API, our API has 2 factor authentication and communicates only with our data center.

What if you have a new feature of the DDoS RADAR™ that will then begin sending out PII?

Can you share with us other information relating to your security policy?

Can the DDoS RADAR™ test more than one DDoS mitigation solution?

Which targets in the customer network are tested against DDoS Mitigation Gaps?

What requirements are there for the DDoS RADAR™?

Where does the TAP port need to be located in the network?

What parameters are needed to determine which TAP port a company needs?

Red Team DDoS Testing

What is a Red Team DDoS Test?

How does Red Team DDoS Testing work?

MazeBolt’s DDoS Testing has three basic stages:

Planning & Scheduling – MazeBolt’s SOC team works with you to understand your needs and tailor the DDoS Tests accordingly (i.e. number of tests, type of tests, bandwidth, geo-distribution and more).
Testing – MazeBolt’s SOC team runs the tests with you following in real-time via the User Interface. The emergency button allows you to stop the tests at any time.
Reporting – Once testing is completed, MazeBolt issues a DDoS Test Report that highlights points of strengths and weakness of your DDoS attack handling, and recommendations for further action.

Is traditional DDoS Test legal?

How long does a DDoS Test take to perform?

We regularly use Penetration Testing – do we still need DDoS Tests?

Can you test a cloud-based DDoS Mitigation scrubbing service as well?

Does MazeBolt recommend DDoS Mitigation vendors?