DDoS Strike

A customizable solution to battle test your DDoS mitigation

The increasing prominence of Distributed Denial-of-Service (DDoS) attacks has cost organizations service downtime, lowered productivity, negative brand reputation, decreased stock value and many other serious consequences.

The ever-accelerating power and sophistication of these attacks are evolving into something even the best DDoS mitigation controls are unable to identify. This is because most organizations do not have a testing protocol robust enough to recognize a DDoS threat, or do not have one at all.

Security Compass’s DDoS Strike delivers controlled and monitored simulated attacks that allow us to identify where an organization is vulnerable and where fine tuning needs to take place, without taking their systems down.

Key Features

Customer Involvement

Tried and tested rules of engagement to ensure the customer is included throughout the process

Expert Involvement

Controlled and monitored testing conducted by DDoS experts, with advanced knowledge of the latest trends, techniques and attack vectors

Safe and Controlled

Ability to dial up attack intensity slowly, in order to identify the breaking point of a system without actually taking it down

Comprehensive Reporting

Detailed reporting provides a play-by-play of the test and a vendor-agnostic action plan to fix any issues discovered

Fully Authorized

Contacts with the appropriate law enforcement agencies to alert them prior to the test

Detailed Reconnaissance

Blackbox reconnaissance on your infrastructure to identify the most susceptible targets and most likely attack vectors

Attack Diversity

An extensible framework capable of launching over 20 DDoS attack types spanning layers 3 to 7 of the OSI stack (see below)

Remediation Guidance

Optional deployment of expert resources for detailed remediation guidance

Processes

Our 5-stage process provides flexibility depending on the maturity of your organization’s defense.

Reconnaissance
We enumerate and analyze your infrastructure’s attack surface. We identify likely targets and the most relevant attack types for your environment.


Staging
We prepare the attack within our distributed solution, which comprises nodes situated across a variety of cloud providers that generate the DDoS traffic.


Execution
We run the DDoS simulation, targeting the assets and functionality identified and approved in the Recon phase.


Remediation
This phase is recommended, but if it is not selected, we will still provide observations and recommendations for improvement.


Retest
Following remediation, we will conduct the exercise again, in order to ensure that any fixes have been applied correctly and that the risk has been mitigated.


Approaches

DDoS Strike can be delivered in one of two ways, depending on your goals and organization’s needs:

Blackbox

This method best suits an organization that has yet to be attacked, preparing them for real attack implications.

  • Closest to simulating an actual attack
  • A date and target are chosen, but the test is considered internal confidential and kept within a small group
  • Security and network operations teams have no or limited knowledge of the test

Collaborative

This method best suits an organization looking to fine tune their controls, working together to suggest areas of improvement.

  • We work closely with your team throughout the full 5-stage process
  • Watch as we conduct the test
  • Open communication to focus and modify the attacks at your request
  • Ability to fix the errors on the fly

We conduct customized attacks based on requirements at layers 3 — 7

We've built and designed an extensible framework for creating and launching attacks that span layers 3 to 7*. The extensible nature of the framework allows us to simulate any type of attack seen in the wild, as well as create customized attacks tailored to a client's specific requirements. Below is a list of commonly seen attacks that we can simulate:

Layer 7: Application
Acts as the interface for users and applications allowing them to communicate over a network.

  • Slow Loris
  • Slow POST
  • Slow Read
  • HTTP/S Flood
  • CVE Attack Vectors
  • Large payload POST requests
  • Database Connection Pool Exhaustion
  • Resource Exhaustion
  • Mimicked User browsing
  • DNS Query/NXDOMAIN floods
  • Other protocol floods (SMTP, DNS, SNMP, FTP, SIP)

Layer 6: Presentation
Transforms data into a common format that is consumable by the Application Layer.

  • SSL Exhaustion

Layer 5: Session
Establishes a context which encapsulates the messages being exchanged between processes on different machines.

  • Long lived TCP sessions (Slow Transfer)
  • Connection flood/exhaustion

Layer 4: Transport
Responsible for providing guarantees on message delivery, arrival order, loss recovery, and error recovery.

  • SYN Flood
  • Other TCP Floods (varying state flags)
  • UDP Flood
  • IPSec Flood (IKE/ISAKMP association attempts)

Layer 3: Network
Allows packets to be routed through a network enabling indirectly connected nodes to exchange data messages.

  • BGP Hijacking
  • ICMP Flood
  • IP/ICMP Fragmentation

Layer 2: Data Link
Handles detecting and/or correcting errors introduced at layer 1 in order to establish a reliable link between two connected machines.

Attacks at layers 1 and 2 target the base of a network itself. They would require direct physical and internal access to a company's network, making them unlikely to be performed in the wild.

Layer 1: Physical
Defines the physical specification for translating digital data into signals to be sent across a physical medium (such as copper or wireless link).

Attacks at layers 1 and 2 target the base of a network itself. They would require direct physical and internal access to a company's network, making them unlikely to be performed in the wild.

Battle Test your DDoS mitigation

Contact us

257 Adelaide Street West, Suite 500
Toronto ON, Canada
M5H 1X9

1 Yonge Street, Suite 1801
Toronto ON, Canada
M5E 1W7
