One of the challenges when creating a security tool is validating that it works when the S$%^ hits the fan. We have heard (via anonymous sources) that many of the high-dollar solutions out there create bloated, rotting piles of information, whose only purpose is to look impressive due to their voluminous output. A typical $100K buys you a CYA report. A tool that covers everything, leaving the customer to decide what to do; which is usually nothing or some misguided “make work”. These non-specific tools are about as useful as a weather forecast that predicts everything all the time. Rain, Snow, Wind, Hot, Cold, for everyday of the year. If you predict everything you can’t be wrong?
On the other hand, the reports from the field coming in for our DDoS tool are:
Yes, it works.
Yes, it is simple to use.
Yes, it takes action when appropriate.
We have confirmation that our DDoS tool, combined with our shaping algorithms, has kept some very large institutions up and running while under very heavy, sophisticated DDoS attacks. The reasons are simple. We look at the pattern of incoming packets in a normal situation. When the pattern reaches a watermark that is clearly beyond normal, we block those incoming circuits. If needed, we can also take a softer approach, so the attacker is not aware we are throttling them. This is needed because in some situations outright blocking will alert the attacker you are on to them and cause the attacker to double-down.
When under DDoS attack you don’t need reports; you need immediate action. If you would like to discuss our solution in more detail feel free to contact us.