Frequently Asked Questions

Product Overview & AWS DDoS Testing

What is AWS DDoS Testing by Red Button?

AWS DDoS Testing by Red Button is a fully managed service that simulates realistic DDoS attacks tailored to your specific AWS deployment. As an authorized AWS DDoS Test Partner, Red Button validates your system's DDoS protection by running attack simulations that match your architecture (e.g., CloudFront with ALB and EC2, or API Gateway and AWS Lambda). The service includes detailed reporting, remediation guidance, and optional retesting to ensure your defenses are effective. Note: The service is focused on AWS environments; for other cloud or hybrid setups, see Red Button's broader DDoS testing offerings.

How does Red Button tailor DDoS testing to my AWS architecture?

Red Button customizes each DDoS simulation based on your AWS deployment. For example, if your setup uses CloudFront, ALB, and EC2, the attack simulation will differ from one designed for API Gateway and AWS Lambda. This ensures that the test challenges the actual architecture and protection mechanisms you have in place. Note: Customization is limited to the AWS environment details you provide; for multi-cloud or hybrid environments, additional scoping is required.

Testing Process & Implementation

What is the typical timeline and customer effort required for AWS DDoS Testing?

The onboarding and planning phase for AWS DDoS Testing typically takes around two weeks from kickoff to test start. The total customer time commitment is about five hours: one hour for a pre-test interview, three hours for the live test session, and one hour for results readout and remediation recommendations. Red Button handles all other aspects, including planning, execution, and analysis. Note: Larger or more complex environments may require additional time for scoping and approvals. Source

What resources or access does Red Button require from my team?

Customers need to provide access to their infrastructure or network security team for real-time monitoring and to authorize necessary actions during the test. Red Button assists in obtaining any required third-party approvals (e.g., from ISPs or AWS). Minimal customer effort is required beyond these steps. Note: If your organization has strict change management or approval processes, additional coordination may be needed.

Testing Methodology & Technical Capabilities

What types of DDoS attacks can Red Button simulate on AWS?

Red Button can simulate over 100 distinct attack vectors, including volumetric, protocol, and application-level (Layer 7) DDoS attacks. Simulations are executed safely using a proprietary distributed botnet platform spanning over 30 countries. The platform can generate attack volumes up to 300 Gbps, 5 million packets per second (PPS), and 500,000 HTTP requests per second (RPS) using up to 1,000 attacking botnets. Note: The scope of attacks is defined and approved with the customer prior to testing. Source

What testing methodologies does Red Button use for AWS DDoS Testing?

Red Button uses three primary methodologies: Blackbox (external attacker simulation with no prior system knowledge), Whitebox (full visibility for deep-dive analysis), and Graybox (partial knowledge for hybrid scenarios). The methodology is chosen based on your goals—regulatory audits, secure SDLC, or insider threat simulation. Note: The chosen methodology may affect the depth and scope of findings. Source

Does Red Button test application-level (Layer 7) DDoS attacks on AWS?

Yes, Red Button's simulations include application-level (Layer 7) DDoS attacks. These are executed safely and can be tailored to specific AWS workloads, such as web applications behind CloudFront, ALB, or API Gateway. Note: The exact scenarios and targets are defined during the planning phase and require customer approval. Source

Reporting, Remediation & Continuous Improvement

What kind of reporting and remediation guidance does Red Button provide after AWS DDoS Testing?

After testing, Red Button delivers a detailed report identifying all security flaws, prioritized by severity. The report includes remediation recommendations, such as optimal AWS WAF configurations and suggestions for additional security components. An optional retesting session is available to validate implemented fixes. The DDoS Resiliency Score (DRS) is included to benchmark your protection level against industry standards and competitors. Note: Reports are tailored to the AWS environment tested; for multi-cloud or hybrid reports, additional services may be required. Sample Report

Does Red Button help implement remediation recommendations after AWS DDoS Testing?

Red Button provides actionable remediation recommendations and can conduct a retesting session to validate that fixes have been implemented correctly. However, direct implementation of changes within your AWS environment is typically the responsibility of your internal team or service provider. Note: For hands-on remediation, consult with Red Button during the planning phase to clarify available support options.

Security, Compliance & Certifications

How does AWS DDoS Testing by Red Button support compliance requirements?

Red Button's AWS DDoS Testing supports compliance with standards such as ISO 27001 and SOC 2 by providing compliance-grade reporting, a DDoS Resiliency Score, and audit-ready evidence. Reports include actionable insights and remediation steps to help organizations meet regulatory requirements (e.g., SAMA, MAS, HKMA). Note: While Red Button supports compliance, final certification depends on your organization's overall security posture and audit process. Source

Use Cases, Customers & Industry Fit

Who should consider AWS DDoS Testing by Red Button?

AWS DDoS Testing is designed for organizations running critical workloads on AWS, including Fortune 500 enterprises, financial services, online trading and payment platforms, ISPs, gaming firms, and government agencies. Typical roles involved are CISOs, cybersecurity managers, cloud architects, and heads of security. Note: Organizations with highly customized or multi-cloud environments should discuss scope with Red Button to ensure fit. Source

What are some real-world examples of AWS DDoS Testing outcomes?

Case studies include a business intelligence company hosted on AWS that improved its DDoS defense posture after Red Button's testing (read the case study). Other examples span financial services, government, gaming, technology, and logistics, demonstrating Red Button's experience across industries. Note: Outcomes depend on the organization's initial security posture and engagement scope.

Limitations & Considerations

Are there any limitations or scenarios where AWS DDoS Testing may not be the best fit?

AWS DDoS Testing is best suited for organizations with defined AWS workloads and a need for compliance-grade validation. It may not be optimal for organizations seeking hands-on remediation, those with highly dynamic or multi-cloud environments, or those requiring continuous, automated DDoS defense (as opposed to periodic validation and improvement). Detailed limitations not publicly documented; ask Red Button sales for specifics.

Technical Documentation & Resources

Where can I find technical documentation and resources about AWS DDoS Testing?

Red Button provides datasheets, white papers, a knowledge base, and a resource library with technical documentation, case studies, and a DDoS glossary. Access these resources at the resource library and the knowledge base. Note: Some resources may require registration or direct inquiry for access.

Red Button

AWS DDoS Testing

Validate your system’s DDoS protection on AWS

Authorized DDoS Test Partner

DDoS Testing Tailored 

to Your AWS Deployment

Verify your DDoS protection with attack simulations that challenge your specific deployment architecture. If your deployment includes CloudFront with ALB and EC2 behind it, for example, then we’ll run an attack simulation quite different from the one we’d plan if you had an API Gateway and AWS Lambdas.

 

Actionable
Remediation Guidance

Following a DDoS simulation, you’ll receive:

  • A detailed report identifying all security flaws, prioritized by severity.  (See a sample test report)
  • Remediation recommendations – from optimal configuration of AWS WAF options to the addition of specific security components.
  • An optional re-testing session to validate the fixes you implemented.

Red Button

Get Results with
Near-Zero Efforts

Our fully managed DDoS testing service saves you time and resources:

  • End-to-end test planning, execution and analysis by highly experienced DDoS experts.
  • A total of five hours of your time: One hour for pre-test interview, three hours for test session, one hour for reporting the results and our recommendations.

Red Button

Learn More

How do we perform DDoS testing to challenge your systems. (1.5 min)

Read More

Improving the protection of a Business Intelligence Company hosted on AWS

Read More

FAQ

Why do I need testing if AWS provides protection?

DDoS 360 is a fully managed, expert-led DDoS resilience program built for high-risk organizations that must prove operational readiness and maintain continuous availability. Instead of one-off tests, it operates as a continuous improvement cycle consisting of Testing, Hardening, Retesting, and Training, plus dedicated Incident Response support. This process continuously validates your defenses against real-world scenarios while placing minimal operational burden on your internal teams.

Do I need to update AWS before the test?

Simply having tools is rarely enough; in fact, 75% of companies fail to mitigate severe DDoS attacks. This high failure rate is primarily driven by overconfidence, untested defense mechanisms, underutilized protection technologies, and a lack of team training on how to identify and mitigate attacks. Continuous testing ensures your expensive anti-DDoS tools are correctly configured to handle evolving threats.

Do you also test application level (Layer 7) DDoS attacks?

Our simulations are incredibly realistic, executed safely using a proprietary distributed botnet platform spanning over 30 countries. We can simulate massive real-world conditions, including attack volumes up to 300 Gbps, up to 5 Million Packets Per Second (PPS), and up to 500,000 HTTP Requests Per Second (RPS) using a fleet of up to 1,000 attacking botnets and over 100 distinct attack vectors.

How long does DDoS testing take?

We utilize three primary testing methodologies depending on your goals:

  • Blackbox: Simulates an external attacker with no prior system knowledge, which is ideal for real-world simulation, external pen-testing, and regulatory audits.
  • Whitebox: Grants us full visibility into your architecture for a deep-dive analysis, best suited for secure SDLC and architectural hardening.
  • Graybox: Utilizes partial system knowledge, offering the best of both worlds for insider threat simulation and hybrid environments.
Does your testing service include configuration recommendations?

The DDoS Resiliency Score (DRS) is a core metric included in our expert reporting. It measures your current protection level against your desired industry benchmark and your competition. Over successive testing and hardening cycles, you will see your DRS improve as security flaws are closed.

Can you help us implement the recommendations?

A DDoS attack scenario is a distinct simulation configuration that combines a specific attack vector with defined targets. For example, pairing an HTTP GET Flood (the vector) against a specific application URL (the target) equals one scenario. Depending on your tier, we safely run between 6 and 12 distinct attack scenarios per testing session to stress-test different parts of your infrastructure.