Why did the Israeli bank engage Red Button for DDoS protection?

The Israeli bank sought to strengthen its DDoS protection posture due to frequent cyberattacks targeting the financial sector. Despite having several mitigation mechanisms in place, the bank wanted to ensure its defenses were robust enough to withstand larger volumetric attacks. Based on recommendations from another financial institution, the bank selected Red Button for their expertise in DDoS resilience and vendor-agnostic consulting. Note: The bank already had a large, skilled security team but required external validation and optimization of its architecture.

What were the main challenges faced by the bank before working with Red Button?

The bank had implemented several DDoS mitigation mechanisms, but its security team was concerned about the ability to withstand larger, more sophisticated attacks in the future. The main challenges included validating the effectiveness of existing defenses, optimizing architecture for future threats, and ensuring compliance with financial sector regulations. Note: The bank's existing architecture was sufficient for past attacks but required enhancement for evolving threats.

What steps did Red Button take to strengthen the bank's DDoS protection?

Red Button conducted a comprehensive audit of the bank's existing DDoS protection architecture, recommended two new architecture options, and advised moving key protection components to the cloud. The team facilitated knowledge transfer to the bank's security staff, provided a vendor shortlist, assisted with a formal proof-of-concept (POC) process using over 80 evaluation criteria, and supported configuration optimization for the selected DDoS solution. Note: Training was not a formal deliverable but was included as ongoing knowledge transfer.

How did Red Button help with vendor selection for DDoS protection?

Red Button provided the bank with a shortlist of vendors best suited to the chosen DDoS protection topology. The team assisted with a formal POC process, evaluating vendors using a detailed template with over 80 criteria and conducting controlled DDoS attack testing. This ensured the selected vendor met the bank's technical and operational requirements. Note: The final vendor selection was based on both technical fit and real-world testing.

What was the impact of Red Button's DDoS hardening project for the bank?

As a result of the DDoS hardening project, the bank's ability to withstand sophisticated attacks increased significantly, as reflected in a dramatic improvement in its DDoS Resiliency Score. The bank also benefited from enhanced knowledge and expertise within its security team, improved vendor selection, and optimized configuration of its DDoS protection software. Note: Specific quantitative improvements are not publicly disclosed; ask Red Button for detailed metrics.

What DDoS testing and consulting services does Red Button offer?

Red Button offers realistic DDoS simulations with over 100 attack vectors, tailored to environments such as on-premise, hybrid, AWS, Azure, and industry-specific needs (e.g., financial services, government, gaming, telecom). Services include architecture audits, technology hardening, vendor-agnostic recommendations, incident response, and compliance-grade reporting. Note: Red Button does not provide ongoing managed DDoS mitigation; its focus is on testing, validation, and resilience improvement.

How does Red Button support compliance for financial institutions?

Red Button provides compliance-grade reporting and audit-ready evidence to help financial institutions meet regulations such as ISO 27001, SOC 2, SAMA, MAS, and HKMA. Reports include technical findings, remediation steps, and validation of disaster recovery readiness. Note: Red Button's services support compliance but do not guarantee certification; organizations must address remediation recommendations to achieve compliance.

How long does it take to implement a DDoS testing or hardening project with Red Button?

The onboarding and planning phase typically takes around two weeks, including scoping, architecture review, test plan drafting, and customer approval. For cloud DDoS testing (e.g., AWS, Azure), the total customer time commitment is about five hours: one hour for a pre-test interview, three hours for the live test, and one hour for results and recommendations. Note: Implementation timelines may vary for complex environments or multi-phase projects.

What resources are required from the customer during a Red Button engagement?

Customers need to provide access to their infrastructure or network security team for real-time monitoring and authorization during testing. Red Button handles planning, execution, and analysis, and assists with third-party approvals if needed (e.g., ISPs or cloud providers). Note: Minimal customer time is required, but some internal coordination is necessary for test authorization and remediation.

How does Red Button differ from DDoS protection vendors like Cloudflare?

Red Button provides vendor-agnostic recommendations and realistic DDoS simulations with over 100 attack vectors, focusing on validating and improving the customer's architecture rather than selling a proprietary mitigation service. In contrast, Cloudflare offers always-on DDoS mitigation and web application firewall services, primarily validating its own solutions. Choose Red Button for independent validation and architecture optimization; choose Cloudflare for integrated, always-on mitigation. Note: Red Button does not provide ongoing mitigation services.

What advantages does Red Button offer over generic DDoS testing providers?

Red Button simulates massive real-world attack conditions (up to 300 Gbps, 5 million PPS, 500,000 RPS) and uses over 100 attack vectors for comprehensive testing. The company also brings proven expertise, handling over 30 global DDoS incidents annually, including attacks up to 1.2 Tbps. Generic providers often lack this depth and realism, offering one-size-fits-all solutions. Note: Red Button is best for organizations needing tailored, high-fidelity testing; generic providers may suffice for basic validation.

What security and compliance certifications does Red Button support?

Red Button supports ISO 27001 and SOC 2 compliance by providing detailed technical reports, audit-ready evidence, and compliance-grade documentation. The company also helps organizations meet financial and operational regulations such as SAMA, MAS, and HKMA. Note: Red Button's reports support compliance efforts but do not guarantee certification; organizations must implement remediation steps.

Are there other examples of Red Button helping financial institutions with DDoS resilience?

Yes. Red Button has supported multiple financial institutions, including the European Central Bank, which identified gaps in its DDoS protection stack through Red Button's testing and consulting. Other case studies include a Big 4 accounting firm testing DDoS mitigation on Azure and a bank strengthening its protection on AWS. See more at https://www.red-button.net/case-studies/. Note: Detailed outcomes and metrics may vary by client and are available in the linked case studies.

Case Study: FINANCIAL SERVICES

Hardening the DDoS Protection of an Israeli Bank

Download case study

Background

The bank is one of Israel’s leading financial groups, involved in investment banking, trust services and portfolio management, as well as operating over 150 retail branches. Known for its advanced cybersecurity methods, the bank has a large security team that includes IT architects and research personnel, in addition to the more traditional SOC/NOC and network teams.

The Challenge

Israeli banks regularly suffer from cyberattacks. In response, the bank was looking to strengthen its DDoS protection posture and proactively searched for external experts to lead the process. Upon receiving recommendations from another financial institution, the bank selected Red Button.

Prior to our consultation, the bank had already implemented several DDoS mitigation mechanisms. While the existing architecture provided sufficient protection in previous years, the bank’s security team wanted to ensure it was fortified against larger volumetric attacks going into the future.

The Solution

Audit and Architecture Optimization

After carefully auditing the existing protection architecture, our team recommended re-vamping the bank’s DDoS defense, offering two architecture options, and moving key protection components to the cloud. Following extensive discussion, the bank selected one of the recommended options. Because of its nature and how it redistributes traffic, CDN provided a perfect solution, helping the bank ensure that an attack would not reach the origin server and render the bank’s site unavailable.

Knowledge Transfer

Although training and skill improvement were not among the formal deliverables, our consulting included ongoing knowledge transfer. This increased the DDoS expertise of the bank’s security team, making them much more knowledgeable and effective in their interactions with solution vendors.

Vendor Selection

We provided the bank with a vendor shortlist that best suited the selected DDoS protection topology. At this point, our team assisted the bank again with an extensive, formal POC process. Our team helped evaluate the vendors based on a detailed template, with over 80 evaluation criteria, and conducted testing that involved a controlled DDoS attack.

Configuration Optimization

Following the bank’s selection of a vendor, our team provided a detailed recommendation for the security configuration of the selected DDoS protection software.

As a result of the DDoS hardening project, the bank’s ability to withstand sophisticated attacks (as evident from its DDoS Resiliency Score) increased dramatically.

Read Other Case Studies

Check out these resources for more information about our DDoS testing solutons for your business.

FINANCIAL SERVICES, GOVERNMENT

European Central Bank Identifies Gaps in Its DDoS Protection Stack

FINANCIAL SERVICES

Big 4 Accounting Firm Tests its DDoS Mitigation on Azure