Blog

Three DDoS Misconceptions Putting You at Risk

Our incident response team regularly engages with companies under DDoS attacks and often encounters security/IT teams that have been overconfident about their protection levels.  Primarily, this is due to misconceptions about DDoS protection. Here are three such misconceptions and how they can be solved. Our ISP fully protects us from all DDoS attacks The key…

Read More

4 Actions to Improve DDoS Protection

DDoS attack protection can become quite complex and require deep expertise. And yet, there are some basic steps you can take to improve your protection – without requiring any professional help. Here are four activities you can take right now. Run DDoS testing This is really the most basic and easiest step. Not performing any…

Read More

How to maximize the value of DDoS testing

Most companies don’t perform DDoS testing too often, which brings up the question – how do you get the most out of testing to ensure your systems are protected against attacks? In our experience, white box testing (where background and system information are provided in advance prior to the test) is the best method. Here’s…

Read More

Are Your Teams Trained to Stop a DDoS Attack?

When our Incident Response team is called to assist with mitigating a DDoS attack, we engage with multiple security and IT teams. In most cases, we discover that teams lack DDoS knowledge. This may seem trivial, but it holds back an organization from responding efficiently to an attack. When DDoS knowledge is missing and an…

Read More

3 Reasons Why DDoS Protection Fails

Even though companies spend hundreds of thousands of dollars on DDoS protection tools to secure websites and applications, many DDoS attacks succeed in bringing down systems and causing outages. The problem is not with the protection software tools themselves (at least not with the known brands). Rather, there are three key reasons that DDoS attacks…

Read More

How to Protect Against an HTTPS Bomb DDoS Attack

As part of our efforts to continually optimize our DDoS Testing and expand the attack vectors used, we recently focused on analyzing a DDoS attack called HTTP/S Bomb. The HTTP/S Bomb DDoS attack, which was identified by Radware (see their blog) and by Netscout (who call it a Large Payload POST attack), is difficult to…

Read More

Commercial DDoS Testing VS Open-Source-Based Testing

Overview Today, multiple open-source tools can be used to run a DDoS test. This raises the question: Can those tools can be used to replace commercial DDoS testing, thereby reducing the test cost? Open-source tools include tools like ‘hping’, ‘ab (Apache Benchmark)’, Cisco’s ‘TRex’ and other tools that can be classified as packet generators, traffic…

Read More

DDoS Basics 101 – Now accepting admissions for 2020

We are opening a two-day course for security professionals wishing to enhance their DDoS preparedness. The course offers both an in-depth theoretical knowledge of DDoS attacks and mitigation technologies, as well as hands-on training and simulations. CLICK HERE FOR THE COURSE PDF The current event is scheduled for 08/03-09/03 2020. For your convenience, we have…

Read More

DDoS Resiliency Made Easy with Red Button’s Mitigation Platform

Ziv Gadot, Red Button CEO’s interviewed VPN Mentor, The Authority on VPNs and Web Privacy, giving reliable advice, useful tips and VPN reviews on the best VPNs from their anonymity experts. Gadot shared with VPN Mentor Red Button DDoS points of view on the following items What is the discourse of a DDoS attack How DDoS…

Read More