DDoS Attack Protection and Mitigation
Comprehensive Layer 3 to Layer 7 Distributed Denial of Service Protection that Scales with Your Environment
Prevent DDoS Attacks Across Hybrid Cloud Environments
Defending organizations from the many forms of modern DDOS attacks is one of the key capabilities of ThreatX. We provide offerings that align with the unique demands of any size organization:
- Protect any application in any environment
- Layer 7 DDoS
- Layer 3 & 4 Volumetric DDoS
- 24/7 Managed Security Services
Application Layer DDOS Protection
Application layer or Layer 7 (L7) DDoS attacks can be some of the trickiest to mitigate and are often missed by traditional security tools. Attackers will use bots to mimic valid users and take advantage of an application’s functionality. By taking advantage of faulty business logic or crafting highly intensive queries such as a database lookup, an attacker can overwhelm an application with a relatively small amount of normal-looking traffic. ThreatX uses multiple detection techniques and a combination of automated challenges, IP interrogation and tarpitting to ensure long-running queries, HTTP floods, and other L7 attacks are mitigated quickly and appropriately without impacting valid users.
Network Layer 3 & 4 DDoS Protection
ThreatX provides highly scalable, low-cost protection from volumetric DDoS attacks which typically occur at Layers 3 and 4. With virtually no impact to end-users, the ThreatX standard DDoS coverage protects up to 100Gb of inbound traffic against sophisticated and large-scale attacks. The platform can scale on demand to even higher levels of traffic and is managed by ThreatX’s 24×7 Managed Security Services to proactively identify appropriate response options and minimize impacts to customer systems.
Enterprise Class DDoS Protection
ThreatX also provides additional DDOS attack protection services for customers with high bandwidth or service level requirements. ThreatX partners with multiple enterprise class L3/L4 DDoS providers with extremely large infrastructures capable of absorbing multiple-terabyte attacks. ThreatX actively manages these services through our 24×7 SOC, working with partners to identify and mitigate even the largest attacks in real time. Pricing varies and ThreatX will work closely with the customer to determine the optimal solution for requirements and budget available.
Entity and Behavior Analytics
ThreatX goes far beyond the signatures and anomaly detection to identify and track malicious entities even as traits such as IP addresses and user agents change. This lets us track and compile and complete picture of an entity’s risk so that enforcement is both highly accurate and laser-focused on the threats that matter the most.
ThreatX combines a wide variety of proprietary techniques to reliably identify attacking entities even as they change IP addresses or user agents. This includes but is not limited to TLS fingerprinting and analytical profiling of entity traits and behaviors.
Entity Tracking and Risk Attribution
ThreatX then continuously monitors all entity behaviors and correlates all behaviors over time into a unified risk score. This allows security teams to see coordinated attacks and to identify and stop “low and slow” attacks that would normally fly under the radar.
Entity Actions and Response
ThreatX can actively engage entities to collect additional insights or take a variety of protective responses. This can include putting the entity on a watch list, active interrogation, tarpitting, blocking, any whitelisting or blacklisting.
ThreatX automatically learns normal application behaviors and traits to establish baselines for the application. This can allow staff to identify any anomalous behavior which could be an early sign of attack.