DDoS Mitigation Needs Continuous Fine Tuning
DDoS mitigation technology is designed to block the most common DDoS attacks in the wild, automatically. However, data from over 1,000 BaseLine DDoS tests that MazeBolt conducted indicates that 97% of the companies testing their mitigation for the first time experienced disruption or downtime. This shows that mitigation most often isn't t configured correctly.
The most common reason for this disparity is that for mitigation technology to work, its configuration needs to perfectly match the target network it is protecting. Because companies’ network environments are dynamic and constantly changing, they're adding new services and opening new vulnerabilities – these mitigation configuration settings need to be continuously fine-tuned.
The most effective and efficient way to identify mis-configured DDoS mitigation is to test your mitigation with real DDoS testing and allow your vendor to fix the vulnerabilities identified.
Traditional DDoS Testing – Disruptive to Ongoing Operations/limited in scope
Up to now, traditional DDoS Testing required running DDoS tests that simulated real DDoS attacks against a company’s publicly available website. Any disruption to the company’s website indicates the DDoS mitigation isn’t working properly and highlights a vulnerability to the DDoS attack vector tested.
The disruptive nature of traditional DDoS Testing means that it can only be run during maintenance windows that typically last 3 hours and require “all hands on deck” in case of disruption to ongoing IT services, thus:
- Reduced Diligence - Significantly limiting the frequency of testing to once or twice a year
- Limited number of vulnerabilities identified - It takes around 3 hours to run 18 DDoS attack vectors.
- Major Disruption - All staff are required to be on standby at abnormal hours for DDoS testing.
"97% of Companies have vulnerable DDoS mitigation systems deployed. Testing that mitigation and closing those DDoS vulnerabilities is very disruptive with traditional DDoS Testing.
That's over now!"
Matthew Andriani, MazeBolt Founder & CEO
The MazeBolt DDoS Radar – Non Disruptive DDoS Testing
MazeBolt’s "DDoS Radar" is based on proprietary revolutionary Non Disruptive DDoS Testing Technology, that allows companies to test their environments against DDoS attacks continuously 24/7 without any disruption to ongoing operations.
Unlike traditional DDoS Testing that only launches DDoS attacks against the target network, the DDoS Radar continuously 3D monitors all of the target’s IP addresses to establish a big data understanding of their health. The DDoS Radar then in an ongoing manner gradually launches DDoS attacks against the target's environment, while in real-time measuring attack leakage i.e. Potential vulnerabilities, and if during the testing, any slight degradation in the health of the tested environment occurs, testing halts immediately and results are provided for post analysis. This allows for ongoing certainty of any IT infrastructure to be quickly secured as new vulnerabilities are identified.
The DDoS Radar non disruptive testing allows companies to have:
- ZERO disruption or impact to ongoing IT systems
- Continuous 24/7 DDoS Validation
- Exponentially more DDoS vulnerabilities tested
Interested in learning more?
Sign up for the DDoS Radar Launch Webex, and we'll send you an invite when we launch: here