DDoS Detection and Testing
DDoS Detection and Testing
Distributed Denial of Service (DDoS) attacks are a major cyber security threat organizations need to address. A DDoS attack can be seen as when an attacker makes use of devices like routers to flood a target's web infrastructure with requests. The infrastructure cannot handle the spike in traffic and is effectively rendered offline, impacting legitimate requests by clients and employees.

Security firms have noted that attackers are using DDoS attacks as a means to extort organizations. By the end of the year, one firm predicts that it will detect over 7,500 of these attacks. This makes protecting against a DDoS a priority.

Another method to harden an organization's infrastructure against DDoS attacks is to test it by simulating a DDoS attack. There are several highly reputable organizations that provide white-box DDoS testing. The service involves the company simulating an attack, which will inform the organization of where the weaknesses are in the infrastructure. Such a test will also help determine what detection and remediation solution would be most suited to the needs of the organization.

Companies providing testing services can test both low and high-level attack methods, with high-level attacks occurring at the application layer. This helps simulate real-world scenarios as best as possible and provides the organization being tested a comprehensive result on how best to defend against future attacks.

Active Defence
Regarded as one of the biggest threats to your web infrastructure, DDoS attacks can be defended against. One such method is by being able to detect an attack before the spike in traffic takes services offline. There are a variety of products available that will detect and remediate an attack, choosing the right product then needs to meet the organization's specific requirements.

Traditional DDoS defenses include firewalls and load balancers. As the ability to conduct ever more ambitious and sophisticated attacks increased, security researchers developed solutions that focused on the application layer. While the traditional methods have proven effective at stopping small-scale attacks, for today's large attacks designed to cripple even the most robust infrastructure a dedicated DDoS service will be needed.

Detection Tools
Modern detection tools come either as on-premises or in-cloud as well as a hybrid of both. On-premises solutions come with equipment designed to detect and reject traffic from a DDoS attack. These are recommended for internet service providers and managed security service providers. Cloud-based solutions rely on distributing services through distribution networks so if one site is rendered offline it can be switched to another location hosting the content and application of a website, making the DDoS ineffective as it would need to attack all locations of the network.
Being able to defend against DDoS attacks is a requirement for any company with Internet-facing services. Technology is available to enable this defense whether it's on-premises equipment or a cloud-based distribution network. Testing gives an organization the ability to see where weaknesses are and what detection and remediation solution is best.
See Also