On my last employee role, I was dealing with real time DDoS attacks on some of the largest organizations in the world, including the financial and government sector. These are massive companies with seemingly unlimited security budgets, but in real time, with all the best technology and personal in place, they were still affected very badly, losing huge amounts of revenue and gaining a bad reputation. I realized that the main reason for this was their poor visibility proactively over what was threatening them or in real-time under attack what was affecting them. They didn’t take the time to check if the “out of the box” products that they paid for are actually working under extreme attack scenarios. Instead, they had to find out the hard way that they were that target of a massive DDoS or phishing campaign. Take Operation Ababil for example. It started in 2012 on the technical level. All the biggest banks and financial institutions in America were completely open to attack and there was almost nothing they could do about it in real time. Even though they had all the correct technology deployed. I wanted to bring visibility and control back to the customers. Back then, hacking campaigns would typically involve DDoS attacks and phishing emails, tricking you into giving your credentials, and distracting you as they bring the system down and exploit the perimeter. This is what we call an attack campaign. With such multi vector cyber-attack campaigns, you can be down intermittently for days, weeks or even months as seen in operation Ababil.
What Makes MazeBolt Unique?
The MazeBolt product was built originally to give an overview of existing threats in an easy to digest manner, and close the vulnerability gap ahead of time. We focus heavily on denial of service validation. We developed a DDoS testing technology that is the most efficient and mature technology today, as it extends the detection capability from a couple of dozens of vulnerabilities to hundreds or even thousands of them, in an ongoing basis and without disruption. Recently, we received a grant from the EU, who recognized our revolutionary Non-Disruptive DDoS testing technology, which is the widest vulnerability validation platform available today. A vulnerability gap is a gap which allows a DDoS attack to bypass your defenses and leave your critical systems unavailable. That means that by using our product, you proactively and ahead of time know which actors may be threatening your IT infrastructure, you don’t have to disrupt your operations to find out, this is a paradigm shift in the DDoS testing world. We can find vulnerabilities in an ongoing manner and minimize the gap to less than 5%. It’s quite revolutionary and we can see that with us, our customers are significantly more secure than any other technology out there. One of the major components that differentiate us from our competitors is the service component. A strong team is what makes it all worthwhile. We give actionable reports that our customers can use to tighten their defenses, and a team that will assist them in understanding the implications and making wise decisions. We maintain a close relationship with our customers to ensure they get the most out of our product.
What makes DDoS attacks so common, and who should be aware of them?
Anyone who requires uptime reliability should be aware of DDoS. It doesn’t matter if you’re a bank or an eCommerce site, a public infrastructure site, a ticket booking site and so on. Any business that needs to be online should be very concerned about DDoS attacks. Especially if your business relies on online capabilities, a DDoS attack can stop your business at once. Recovering from DDoS downtime would cost an enterprise company an average of 2 million dollars per attack. Even though DDoS have been around for a long time, there is no silver bullet to stop them. To do that, you would need a comprehensive strategy that includes ongoing validation and enhanced real-time analysis capabilities. MazeBolt provides a product which proactively closes the DDoS vulnerability gap. When responding to attacks, your team should be ready to make real time decisions. They should know how to contact their DDoS security vendor and control the technology they have in place. A big component of what we do is prepare your human resources for the worst case scenarios, so when an attack comes, and it will come eventually, your team will be ready.
What new trends can we expect to see in the way DDoS attacks are being handled?
Obviously I see Mazebolt as a big part of the future. We work very hard to find solutions to the DDoS problem; we’ve got patents pending and big product projects in the pipeline coming up, we’re trying actively to solve this problem in a way that it will fully put control back to security personnel when faced with this devastating attack vector. Of course, DDoS will never be a thing of the past, but we can minimize the level of destruction they cause. We need to approach this problem holistically and be prepared for anything. MazeBolt uses cutting edge technologies for non-disruptive DDoS testing as part of a larger project we are working on. We believe that our roadmap will impact the way DDoS are handled today, making them simple to mitigate, while allowing teams to focus on what’s important.