DDoS Readiness Program

About Red Button Red Button A Leader in DDoS Consulting Founded in 2014 Service based Self funded Found by Ziv Gadot – Formerly Radware ERT (Emergency Response Team) founder and manager – 10 years at Radware, Check Point, Inter – Participated in numerous DDoS mitigation defense MEDIAPPLICATIONS

DDoS

Brief History of DDoS Intensity OpPayback “wikileaks” Dec 2010 DDoS Era First Bullet OpAbabil Sep Oct 2013 The largest attack ever Anonymous Attacks DDoS is a simple to generate OpJustina Boston Children Hospital Jan 2014 Everyone can become a target DDoS continue to be a Mainstream Attack

How to be Prepared for DDoS Attacks? PREPARATION before attack QUICK RESPONSE during attack Design & Execution Response Validation Emergency Response Assessment Gap Analysis Design POC Game Plan Mitigation Technologies Integration Procedures Training Pen Test War Games 24/7 Emergency Response Architecture & DesignExecutionOn-going

Is this Really Done? PREPARATION before attack QUICK RESPONSE during attack Design & Execution Response Validation Emergency Response Assessment Gap Analysis Design POC Game Plan Mitigation Technologies Integration Procedures Training Pen Test War Games 24/7 Emergency Response Architecture & DesignExecutionOn-going ✔ ✔ ✘ ✘ ✘ ✘ ✘ ✘ ✔ ✔ ✘ ✘

Red Button Building Blocks

DDoS Readiness Score

Definition “The ‘DDoS Readiness Score’ is an open standard representing how much DDoS pressure can the organization withstand prior to outage where 0 is none and 7 is any.”

DDoS Readiness Score Attacks Sophistication Attacks Volume 1 “poking” 2 “script kiddy” 3 “basic” 4 “sophisticated” 5 “APT” 6 “extreme” 7 “state sponsored”

‘Tsunami’ DDoS Simulation

‘Tsumani’ DDoS Simulation

DDoS Readiness Assessment Expert System (DRAES)

DDoS Readiness Assessment Expert System Where are your assets located? Are you using CDN? What is you internet pipe size? Which mitigation do you have in place? Expert System DDoS Readiness Score

Gap Analysis

DDoS Readiness Score Score = 2.3 DDoS Readiness Assessment Expert System Tsunami DDoS Simulation Black-box White-box

Gap Analysis Threat Level DDoS Readiness Score Balanced Line 3.7 Vertical Balanced Point

Design

Design Phase 3Phase 2Phase $ per month4000$ per month5,000$ (once)Cost 5 weeks8 weeks3 weeksDuration 3 days5 days1 daysInternal Resources Purchase SSL protection DDoS Simulation Purchase Cloud mitigation SOC Training Existing device hardening Action Uplift score Phase 1 Phase 2 Phase 3

Red Button USP PREPARATION before attack QUICK RESPONSE during attack Design & Execution Response Validation Emergency Response Assessment Gap Analysis Design POC Game Plan Mitigation Technologies Integration Procedures Training Pen Test War Games 24/7 Emergency Response Architecture & DesignExecutionOn-going “We are Devoted to Provision All Required Building Blocks with Vendor Neutrality” ✔ ✔ ✔ ✔ ✔ ✔ ✔ ✔ ✔ ✔ ✔ ✔ ✘ ✘ ✘ ✘ ✘ ✘ ✘ ✘

DDoS Readiness Program “Solution-based packages to be ready for DDoS attacks”

DDoS Readiness On-going Platinum On-going Gold Uplift Silver Uplift Bronze ✔✔✔✔ Architecture & Design ✔✔✔ Design Execution ✔ On-going Validation ✔✔ Emergency Response DDoS Readiness Program zero outage tolerance Large organizations Banks, ecommerce Five nines Reduce risks at reasonable costs Medium size organizations Protect reputation Two nines

Red Button Resell Mitigation Design & Execution Response Validation Emergency Response Architecture & Design ExecutionOn-going Design PS Only c ustomer by mitigation direction PS + Resell ✔ vendor neutral Near vendor neutral ✔ Turn-key ✔ Cost reduction

Summary

Attack Vector Analysis AFTER BEFORE DDoS Attack Vector Game Plan Automatic ✔✔ ✔ SYN Flood Network / Volumetric ✔✔ ✘ RST flood ✔✔ ✘ UDP Flood ✔✔ ✘ HTTP Flood Application ✔✔ ✔ HTTPS Flood ✔✘ ✘ DNS Reflective ✔✔ ✘ DNS Recursive ✔✔ ✔ Slowloris Low & Slow ✔✔ ✘ R.U.D.Y. ✔✔ ✘ SSL Renegotiation Good PoorOverall Readiness

DDoS Made Transparent Management CISO We have visibility We have understand and quantified our DDoS mitigation posture We have already improved mitigation We have improved mitigation by scale by hardening our existing technology and procedures with minimal investment Management to decide on next step Per business needs we can further improve our mitigation at quantified costs Backup plan Even if decision will be negative, we have a game- plan to minimize business impact under sever attack, buying time for another management decision

“Bad new”“Good news” No one represent the customer’s genuine interest (customer is alone) Customer are looking zero-touch solution DDoS mitigation technology generally mature Many mature organization has at least one protection in place Several experienced vendors Higher Ground Perspective No DDoS simulation (“no QA”) Lack of procedures/protocols Lack of training and war games Poor POC process Effective technologies: challenge, proxy, on-demand diversion, always-on diversion Technical Perspective DDoS Mitigation Challenges