DDoS Resiliency Made Easy with Red Button's Testing Platform
Red Button is a security services and consulting company specializing in mitigating and preventing Distributed Denial of Service (DDoS). Towards that purpose, they’ve introduced the DDoS Resiliency Score, an open standard, virtual DDoS testing technology that enables immediate assessment, as well as a range of proven processes and methodologies for SOC/NOC teams. In this article, we interviewed CEO Ziv Gadot to learn more about what the hell DDoS is and how it can be avoided.
I've been in the cyber industry for nearly 20 years, specializing in the DDoS scene. I founded Red Button 4 years ago with the mission to prepare organizations for DDoS attacks.
The way we work is by providing various services that are needed for organizations at different stages of development, to reach the resiliency level they need.
There are about 10 vendors (such as Radware, Akamai, Imperva Incapsula and Cloudflare) that provide DDoS mitigation software or services, but just enrolling in or deploying their service is not enough. In order to be truly protected, you need to perform additional actions. Firstly, you need to run DDoS attacks in order to verify that protection is working and that your IT is responding as expected.
We believe that DDoS mitigation without testing is like releasing software without doing QA. DDoS testing is one of our primary services, and we have our own proprietary DDoS testing platform.
For some organizations, DDoS testing is a complicated and expensive process. We are aware of that, so we developed a complementary tool we call the DDoS Calculator, which assesses security by collecting information from the organization and producing a report without firing a single DDoS attack.
The real differentiator between Red Button and other testing companies is that once we perform the testing or evaluation, we do not stop there. Any testing is likely to reveal some gaps. To close them, you need to perform a configuration review, hardening, DDoS training and add additional DDoS mitigation layers. Red Button provides all of those services.
What is the discourse of a DDoS attack and how can it be avoided?
DDoS stands for distributed denial of service. It is probably the easiest cyber-attack to generate. The attacker only needs to generate a massive amount of requests to a service. Each request by itself is perfectly legitimate, but the amount of requests overwhelms the service or network, causing it to slow down until reaching complete outage. When that happens, legitimate users are unable to access the service, and that is the impact of the attack.
These days, it is totally unacceptable for banks, e-commerce sites, payment services and online gaming, which absolutely cannot allow an outage of their service.
Outage means they lose money every second the service is down, not to mention the impact on their reputation.
What is the DDoS Resiliency score?
The DDoS Resiliency score is a standard that was initiated by Red Button, and has become a preliminary standardizing tool across the industry. It is an open source standard that can be used by anyone at no cost. The main goal is to be a benchmark that allows organizations to do something that was impossible before: to measure their DDoS resiliency and get a score on a scale from 0-7, where 0 means not resilient at all and 7 means the organization is fully prepared for any DDoS attack.
The standard doesn't tell you what to do. Rather, it is used to put theory into practice within the organization.
We strongly encourage organizations to embrace these standards and gain the visibility they need. The standard specifies 7 levels of attacks. Each level has several attack vectors. If you pass them, your score increases, and you can go to the next level. At the end of the process you get a final score that you can act upon to harden your defenses.
What can you tell us about your "DDoS Day" conference?
DDoS Day is a boutique conference we do every year in different locations. We gather the DDoS community, including organizations, vendors, consultants and integrators, who speak about DDoS attacks and mitigation and provide education on the topic. We had a DDoS Day in Vienna last month.
When it comes to law enforcement, cyber-attacks generally tend to go unnoticed. How can we expect that to change?
Firstly, there is some law enforcement activity in cybercrime, but of course there's room for improvement. I expect it to happen over the coming years.
The main question is, where do we draw the borders? Even in criminal activity unrelated to cyber, there's a shared responsibility between the government, the police and the citizens. I have locks on my door, some of my friends have security cameras, I have insurance, so not everything is under the responsibility of the government.
Specifically for DDoS, from a nation's point of view, the first milestone is that each organization protects itself individually. The nation needs to ensure that there would not be a massive amount of attacks impacting industries, and that public communication infrastructure remains relatively secure.