Defending the enterprise against DDoS attacks
Protect your organization from the looming threat of system outages caused by nefarious cyber criminals
Advanced Cybersecurity and Edge Protection
An extra layer of protection to bolster the resilience of your network
Most global brands today depend largely on their websites to drive leads and generate revenue. Some industries (like emerging tech) rely exclusively on their websites to operate their day-to-day businesses. For organizations within the financial sector, website availability is crucial to providing customers access to their accounts and the ability to conduct transactions in real time.
As the number of business transactions conducted online increases, so does the attack surface area presented by the sites/applications that facilitate these transactions. Sensitive customer data and business-critical operations are being exposed through web interfaces that are globally accessible and often highly vulnerable to the Internet’s growing threat landscape. A recent Trustwave report concluded that "97% of web applications contain at least one vulnerability".
Regardless of the role your website plays in your business, a cyber-security incident can have costly implications. From service loss due to DDoS attacks, through to data loss, regulatory violation and brand hijacking. DDoS attacks are often the most high profile of these incidents due to the immediate and highly visible impact they have on an organisation’s online services.
As DDoS attacks continue to grow in magnitude, sophistication and frequency, enterprise companies without dedicated DDoS security measures in place are vulnerable. According to a Cisco report released in 2016, “The average size of DDoS attacks is increasing steadily and approaching 1 Gbps, enough to take most organizations completely offline.” A Kapersky Corporate IT Security Risks Study released in 2016 estimated the financial impact of a typical DDoS attack to range from $100K - $1.6M.
Due to their deceptive nature, defending against a DDoS attack requires more than traditional perimeter defense technologies. A DDoS attack is intended to compromise a website or network’s availability by flooding a domain with requests that exceed its capacity. What makes it so difficult to defend against is that the traffic it generates is disguised to look like legitimate traffic, and is, therefore, able to get past standard network firewalls without being detected.
Crownpeak's Advanced Cybersecurity and Edge Protection service offers the additional protections needed to safeguard against the most aggressive DDoS attacks, as evidenced by a recent staged DDoS attack against one of Crownpeak's customers. Some of its advantages:
- Designed to detect, analyze and defend against Layer 7 application-level DDoS attacks where traditional cyber security technologies are inadequate at distinguishing between malicious and non-malicious requests.
- Customers benefit from domain expertise – Crownpeak’s team handles all strategy, configuration, and implementation giving customers the level of protection needed to filter out malicious traffic, while ensuring legitimate traffic gets access. As new threats in the marketplace emerge, Crownpeak stays ahead of them, making adjustments as needed.
- Quick and seamless integration – Can be rapidly deployed to protect any site or application hosted by Crownpeak.
- Collective intelligence – Threat intelligence is pooled so a defense evolved by observing one attack against one customer, becomes immediately available for all customers.
It’s important to recognize that DDoS attacks are only one aspect of today's threat landscape. An organisation’s websites and applications can expect to be scanned and probed for an ever increasing range of vulnerabilities, on a regular basis. Exploit attempts can include everything from common Cross-Site Scripting (XSS) and SQL Injection (SQLi) attacks, through to automated spam and the latest 'Zero Day' vulnerabilities (weak points in sites, applications and servers that have been discovered but not yet patched). Crownpeak's Advanced Cybersecurity and Edge Protection service can detect and block many of these attacks as they occur, as well as providing pre-emptive protection against unknown exploits, by blocking traffic from recognised, global sources of spam and criminal activity.
Crownpeak's Advanced Cybersecurity and Edge Protection service can be added to any Crownpeak subscription. As with any Crownpeak product, there’s no equipment procurement or additional resources necessary, transferring the burden from your shoulders to ours.
Globally the number of DDoS attacks grew 25 percent in 2015 and will increase 2.6-fold to 17 million by 2020.