“DDoS mitigation without a DDoS Testing is like software without QA”
Can your Defense-Lines Stand a DDoS Attack?
Can you estimate how long will it take from the moment an attack is launched till you are able to detect it and begin resolving it? Strategy and planning are critical. Yet, to really ensure your mitigation provides the right protection, you must test it under a realistic DDoS attack. Hence, our DDoS Testing platform is the answer.
Red-Button’s DDoS Testing service
Enhances your DDoS readiness by simulating attacks in a secured, controlled manner. Using proprietary cloud technology, our DDoS test simulation specialists generate multi-vector DDoS attacks and try to breach your defense systems.
With our DDoS Penetration Testing service, you can:
- Realistically asses your DDoS protection readiness, prior to a real attack
- Identify weakness points and improve your protection level
- Increase your confidence level for the day of a real attack
- Drill your engineering teams and managers
Types of Attacks Generated
Building on our expertise protecting against hundreds of DDoS attacks, we generate realistic attacks simulating the most recent attack trends. Your system will be tested for the following attack categories:
Volumetric DDOS attacks:
Our platform can generate a multi-gigabit attack traffic from multiple global locations. By doing that, we can test your ability to withstand extreme and sustained throughput, connection and packets loads. We apply the same load patterns as attackers, such as large UDP packets and SYN flooding.
Application layer DDOS attacks:
We use our DDoS testing platform to overwhelm your web server tier. We generat excessive HTTP/S GET or POST requests to selected URLs, in order to test your resistance to resource exhaustion.
Attackers can create extremely effective attacks using very low resources, such as DNS, SMTP or NTP amplification/reflection attacks. Our DDOS Penetration testing plans include similar test scenarios. This fact allows us to verify that your infrastructure is protected against such unexpected vulnerabilities.
How We Perform Attacks
Our simulated DDoS attacks are both legal and safe. All attacks require customer in-writing consent and performed based on planning session goals and agreed-upon schedule. To perform attack we use dedicated co-located servers (with absolutely no compromised hosts), and agents distributed globally. We use our management console to control attacks and in case of need, an emergency Stop button can instantly kill a simulated attack.
During this phase, we meet with your team to understand the structure of your system, assemble technical details, define clear goals and the exact schedule of the test.
CONTROLLED DDOS ATTACKS
Based on the defined goals, we launch multi-vector DDoS attacks. The attacks can include any combination of volumetric attacks, application -layer attacks and Low-and-Slow attacks. The test last between 2 to 6 hours.
SUMMARY & RECOMMENDATION
The summary phrase includes a f2f meeting and a written report summary. The report outlining the effectiveness of your existing DDoS mitigation solution. In addition, the report points out vulnerabilities within your infrastructure and provides recommendations on how to amend them.
Attack Vectors Perspective
Our DDoS Simulation covers the following Attack Vectors: Based on the defined goals, we launch multi-vector DDoS attacks that can include any combination of volumetric attacks, application-layer attacks and Low-and-Slow attacks.
The DDoS simulation service is offered by several companies and security consultants; however Red Button is so focused DDoS that our advantage is clear.
Other service's providers
|Total DDoS Service.|
The DDoS Simulation will reveal to many organization that they have gap to cover. Red Button does not stop there and offers all the tools and services to close the gap. By doing that, we continue with the customer the entire DDoS cycle. This includes architecture, vendor selection, training, and more.
For many provider’s DDoS is not the main focus of the company. These providers do also vulnerability assessment and phishing simulation. Hence, they will not provide consulting, training, and DDoS fully managed services. As a result, and after the test you are basically on your own.
Red Button uses the DDoS Resiliency Score (DRS) which is an open standard, facilitating an objective result.
Other DDoS providers either do not have a test standard at all. Furthermore they don't alternatively use a proprietary closed standard that neither you nor the entire industry can challenge.
|Virtual DDoS Simulation|
You can not always put all your assets into a DDoS Simulation. Therefore, in this case, Red Button offers a unique “virtual” DDoS Simulation tool. This tool can tell you where you stand in a white-box “dry” approach.