Vulnerabilities / Threats
1/31/2014
08:53 AM
Dark Reading
Dark Reading
Products and Releases
Connect Directly
RSS
E-Mail
50%
50%

Defense.Net Launches Frontline: A Primary DDoS Mitigation Service With 10x The Capacity Of Legacy Services

DDoS Frontline protects against the entire spectrum of DDoS attacks

BELMONT, CALIF. –– January 29, 2014 –– Defense.Net, the only company designed to mitigate the increasing scale and sophistication of modern Distributed Denial of Service (DDoS) attacks, today announced the launch of DDoS Frontline, a new primary DDoS mitigation service designed to protect businesses and organizations against the increasing threat of modern DDoS attacks that have disabled their web and business operations. DDoS Frontline combines a network provisioned with 10 times the bandwidth and mitigation capacity per customer of the leading primary DDoS mitigation providers with breakthrough new technologies specifically designed to counter the latest and most powerful DDoS attack techniques, ensuring continuous operations for customers. It also eliminates the harmful side effects created by legacy DDoS mitigation techniques.

"Since Weebly was founded in 2006, we have been somewhat unique in building our own infrastructure in-house, including our DDoS mitigation capabilities," said Chris Fanini, Co-Founder and CTO of Weebly, a website creation service which has enabled more than 20 million people to create their own high-quality websites. "While this infrastructure has served us well in successfully thwarting DDoS attacks in the past, we've recently seen an increasing number of attacks that are larger and more complex than before. By partnering with Defense.Net and utilizing their massive distributed scrubbing centers, we remain protected from these larger DDoS attacks – enabling us to remain focused on delivering our users a high-quality experience."

In DDoS attacks, perpetrators assemble an army of compromised computers (a botnet) to inundate a website with a volume of requests that overwhelms and crashes the website. Recently, the ease of access to sophisticated attack tools has advanced to a level where a botnet that can do millions of dollars of damage within minutes can be rented for $7 per hour, making these powerful attack tools widely available to anyone with a grudge, even with minimal technical knowledge. Motivations range from political and religious hacktivists, extortionists, business competitors and even disgruntled customers and former employees.

DDoS Frontline protects against the entire spectrum of DDoS attacks, from low-level Layer 7 attacks to the increasingly frequent large-scale attacks, including those that have overwhelmed traditional DDoS mitigation services and exceeded the size of the Internet pipe before any traffic can even reach an organization's mitigation equipment. The benefits over legacy DDoS mitigation services include:

· Fastest Time to Mitigation: Defense.Net's proprietary DefenseActioner technology intercepts each packet of traffic, determines its legitimacy, and automatically routes it to the most appropriate of Defense.Net's several hundred different mitigation solutions for the industry's fastest time-to-mitigation. It breaks down multi-layer attacks into their components for more thorough mitigation via the only systems specifically designed to mitigate each attack vector, versus legacy DDoS solutions that have a "one box does all" approach. Additionally, legacy DDoS mitigation services are based on having a human in the process. The new technologies created by Barrett Lyon and the Defense.Net team have automated the process where mitigation decisions and actions can be taken at the millisecond level, far faster than a human can respond. When needed, a human can be inserted into the Defense.Net mitigation process.

· All Internet Services Protected: While DDoS attacks have traditionally been aimed at the Web operations of their targets, hackers are increasingly attacking non-Web based protocols which are the foundation of many of the mission critical applications housed within the datacenter (NTP,TELNET, FTP, SNMP, SMTP, POP-3, CHARGEN, MIME and DNS).

· Eliminates Mitigation Side Effects: Defense.Net technologies eliminate the damaging side effects created by legacy DDoS mitigation solutions such as false positives, blocked users, fraud alerts, fragmentation, slow page loads, broken links, and stalled or timed out video streams. Unlike existing solutions, Defense.Net can put out the fire without breaking windows and getting water all over the place to do so.

· Highest Levels of Visibility Before, During and After an Attack: Defense.Net Frontline includes Defense.Net AttackView&trade, the only interactive customer portal to instantly provide the detailed information on an attack in real-time, as well as post-attack analysis. AttackView breaks down each attack into a unique timeline "story" and contains information on attack type, source and size and also the mitigation techniques utilized. It includes data not typically provided by leading DDoS mitigation services, including attack origin, diagnostics of the attack traffic, specific mitigations performed, the result of each mitigation vector on attack traffic, and how each attack responds and morphs based on the specific mitigations performed.

"DDoS attacks have grown significantly in the past 18 months, taking down even some of the largest and most heavily defended websites," said Chris Risley, CEO of Defense.Net. "DDoS Frontline offers an entirely new set of network technologies specifically designed to protect large enterprises and critical infrastructure from today's DDoS attacks and the growing number of actors carrying out these attacks."

Defense.Net Frontline is based on the following components:

· Largest Network & Mitigation Capacity: Abundant network bandwidth is a key element to fighting any DDoS attack and Defense.Net has developed proprietary technologies that enable it to mitigate DDoS attacks using bandwidth more efficiently than legacy DDoS mitigation services. Its massive, fully redundant datacenters have the ability to mitigate in excess of 100% of its network capacity. This network, built from the world's most trusted Tier 1 and Tier 2 carriers, has 10 times the network and mitigation capacity per customer than its closest competitor

· Veteran Team: The Defense.net "Zero Day Team" includes the best and brightest DDoS mitigation experts and network operators in the world, including veterans of Prolexic, Verisign, BitGravity, Juniper, Box.net and Apple's security team. Defense.Net Founder and CTO Barrett Lyon created the DDoS mitigation industry more than 10 years ago when he founded Prolexic Technologies. This led to his pursuit of hackers operating as part of the Russian mob, as chronicled in the best-selling book, Fatal System Error by Joseph Menn.

· Proprietary Technologies: Defense.Net's DefenseD platform of new technologies was custom built to respond to today's modern attacks. These technologies, developed by Barrett Lyon, include traffic inspection technologies such as Traffic SpectrumTM (a new technique for breaking multi-layer attacks into their components for more thorough mitigation), traffic routing technologies such as DefenseActioner&trade and IP Reflection&trade (a patent-pending asymmetric approach for delivering clean traffic back to the organization under attack), and traffic scrubbing technologies such as SYNAssure&trade (a new technique for mitigating SYN Flood attacks that detects suspect SYN requests and conducts further analysis before blocking).

"The DDoS threat is constantly morphing and requires that businesses have the most current defenses in place," said Defense.Net founder and CTO Barrett Lyon. "In addition to the best technologies, network and team, Defense.Net is providing enterprises with the highest levels of transparency and customer service. We understand the concerns of the companies we're protecting and understand that "false positives" are more than an acceptable side effect of mitigation – they're your customers."

About Defense.Net

Founded by Barrett Lyon, who created the Distributed Denial of Service (DDoS) attack mitigation industry more than 10 years ago, Defense.Net has combined the top minds in the DDoS space with breakthrough new technologies designed to effectively address today's and tomorrow's DDoS mitigation challenges. It is the only company to defend businesses and organizations against this new generation of massive and sophisticated DDoS attacks while delivering the highest levels of Internet application performance – two areas where legacy DDoS mitigation services have not been able to match the modern strategies of today's cyberattackers. With increasing threats from the escalating scale and complexity of DDoS attacks and a growing number of antagonists willing to use them, Defense.Net protects organizations from modern attacks by providing end-users with a seamless experience as if no attack were occurring. The company has raised more than $9.5M in debt and equity financing with investors that include visionary security and Internet investor Bessemer Venture Partners (BVP).

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
Partner Perspectives
What's This?
In a digital world inundated with advanced security threats, Intel Security seeks to transform how we live and work to keep our information secure. Through hardware and software development, Intel Security delivers robust solutions that integrate security into every layer of every digital device. In combining the security expertise of McAfee with the innovation, performance, and trust of Intel, this vision becomes a reality.

As we rely on technology to enhance our everyday and business life, we must too consider the security of the intellectual property and confidential data that is housed on these devices. As we increase the number of devices we use, we increase the number of gateways and opportunity for security threats. Intel Security takes the “security connected” approach to ensure that every device is secure, and that all security solutions are seamlessly integrated.
Featured Writers
White Papers
Cartoon
Current Issue
Dark Reading's October Tech Digest
Fast data analysis can stymie attacks and strengthen enterprise security. Does your team have the data smarts?
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2014-7298
Published: 2014-10-24
adsetgroups in Centrify Server Suite 2008 through 2014.1 and Centrify DirectControl 3.x through 4.2.0 on Linux and UNIX allows local users to read arbitrary files with root privileges by leveraging improperly protected setuid functionality.

CVE-2014-8346
Published: 2014-10-24
The Remote Controls feature on Samsung mobile devices does not validate the source of lock-code data received over a network, which makes it easier for remote attackers to cause a denial of service (screen locking with an arbitrary code) by triggering unexpected Find My Mobile network traffic.

CVE-2014-0619
Published: 2014-10-23
Untrusted search path vulnerability in Hamster Free ZIP Archiver 2.0.1.7 allows local users to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse dwmapi.dll that is located in the current working directory.

CVE-2014-2230
Published: 2014-10-23
Open redirect vulnerability in the header function in adclick.php in OpenX 2.8.10 and earlier allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the (1) dest parameter to adclick.php or (2) _maxdest parameter to ck.php.

CVE-2014-7281
Published: 2014-10-23
Cross-site request forgery (CSRF) vulnerability in Shenzhen Tenda Technology Tenda A32 Router with firmware 5.07.53_CN allows remote attackers to hijack the authentication of administrators for requests that reboot the device via a request to goform/SysToolReboot.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Follow Dark Reading editors into the field as they talk with noted experts from the security world.