The Most Realistic 
DDoS Simulation Testing

Harden your DDoS defenses against the tactics
and strategies of top hackers.

Authorized DDoS Test Partner

What Our Customers Say:

"Your team is so committed and dedicated that it feels like
we're your only customer."

- Cybersecurity Programs Lead at large bank

"Thanks for helping us handle a DDoS ransom threat and hardening our systems."

- CISO at a global digital payment company

"You listen to your customers and challenge the status quo with making your DDoS toolset even better."

- Cloud Solutions Architect at a multinational energy company

"Outstanding.
Kudos on the amazing team and work!"

- Global CISO at a cloud-based software platform

"Your DDoS experts are amazing individuals who are
extremely knowledgeable."

- AVP Cybersecurity at a North American professional sports league

"We love working with your team.
Work is very professional."

- CISO at a digital payments company

Find Out What Your DDoS Protection Is Really Worth

Challenge your system with hacker-like DDoS simulations:

  • Large multi-gigabit traffic volume from multiple global sources.
  • The latest, most sophisticated attacks, leveraging our incident response expertise.
  • Customized tests that stress your system architecture at its
    weakest points.

Harden Your Defenses

Fix all faults detected during the DDoS simulations:

  • Test reports list all defense vulnerabilities, prioritized by severity. See a test report example.
  • Actionable recommendations and retests help you close the identified gaps.
  • Our expert team helps you fix configuration and architecture changes.

Get Results with
Near-Zero Effort

Our fully managed DDoS testing service saves you
time and resources:

  • Test planning, execution and analysis performed by our highly experienced DDoS experts.
  • A total of five hours of your time: One hour for pre-test interview, three hours for test session, and one hour for reporting the results and our recommendations.

Gain Peace of Mind with Unmatched DDoS Expertise

With over 1500 DDoS tests performed since 2014, Red Button is trusted by both Fortune 500 enterprises and small companies:

  • We combine expertise in both attack simulation and helping companies respond in real-time to real attacks (Incident Response Team).
  • Our team is proficient with all vendor tools, so that we can provide improvement recommendations specific to your setup.
  • We use the DDoS Resiliency Score (DRS) – an objective open industry standard for rating your protection measures.

Learn More

The Growing Threat of Application-Layer DDoS Attacks

Read More

6 Tips for Preventing DDoS Attacks Using Rate Limits

Read More

FAQ

What is the process of your DDoS test simulation?

We begin with an exploration call to learn about your architecture, DDoS protection measures and goals. We then plan simulations that best suit the situation, with controlled attacks and coordination with your team. After the tests have been executed, we provide a detailed report of the results, including which attacks were not mitigated, their severity, and recommendations on how to improve your defenses. We review these results in a conference call and answer any questions you may have.

Do we need to inform Azure/AWS/our ISP before performing the DDoS simulations?

We will confirm that your ISP, cloud providers, mitigators and data center have agreed to the DDoS testing details. Because we are an authorized DDoS Test Partner of both AWS and Azure, we have standing approval from them to carry out DDoS tests (up to a certain volume of traffic) at any time, without the need for further notifications or permissions.

What do you need to know about our environment to perform testing?

Because we use a white box testing approach to design DDoS attacks that stress your specific architecture, we first learn about your services, network, and mitigation technologies. This helps us plan effective tests, as well as provide actionable recommendations for your environment. 

What type of DDoS attacks do you simulate in your testing?

Our tests are designed to simulate real-life attacks, based on the latest tactics and strategies of global hackers. They combine multiple attack vectors: 

  • Volumetric attacks from multiple global locations to test your ability to withstand extreme and sustained campaigns with massive traffic. 
  • Protocol (network-layer) attacks such as SYN floods, UDP floods, and others. 
  • Application-layer attacks that test your resistance to the more difficult-to-detect, layer 7 attacks.
Are there any risks in DDoS testing?

The risks are minimal. We employ multiple methods and procedures to minimize disruption and keep you in full control during test simulations. For example, testing can be limited to your pre-production system and carried out during maintenance windows. During a DDoS test, we increase attack rates gradually while monitoring your system’s response, and we can stop the attack immediately in case of any undesired impact. 

Do I need to install any software?

No. Our DDoS attack simulation is a fully managed service. There is no need to install any software. 

Is DDoS testing legal?

Yes. Since DDoS simulation tests are carried out with the knowledge and approval of the targeted organization, they are considered a legal activity. Read more about this here