Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Application Security

NCC Group Launches DDoS Attack Simulation Service

UK-based IT solutions firm, NCC Group, today anounced a new service that lets organizations simulate the world’s most common form of cyber attack – DDoS attacks.

The new “DDoS Assured” service helps companies understand how their IT security systems hold up to DDoS attacks, through an offering that emulates a DDoS attack in a secure, controlled environment.

In addition to offering the simulation service, the NCC Group provides security recommendations to clients based on the attack simulation results.

UK-based IT solutions firm, NCC Group, today anounced a new service that lets organizations simulate the world’s most common form of cyber attack – DDoS attacks.

The new “DDoS Assured” service helps companies understand how their IT security systems hold up to DDoS attacks, through an offering that emulates a DDoS attack in a secure, controlled environment.

In addition to offering the simulation service, the NCC Group provides security recommendations to clients based on the attack simulation results.

The company said its DDoS simulation solution currently focuses on application layer (layer 7) attacks, an increasingly common form of attack. When it comes to DDoS attacks, the idea that massive bandwidth cyber attacks inflict the most damage to organizations isn’t always true.

According to recent research coming from Radware, “smaller” application-layer attacks can actually cause more damage than DDoS attacks that gobble ten times the amount of bandwidth. To support that argument, Radware’s research showed that 76 percent of attacks were less than 1Gbps in bandwidth, with 32 percent less than 10Mbps. Only nine percent of attacks in 2011 were over 10Gbps.

The effects a DDoS attack can be devastating to an organization’s brand and operations. According to the results of a recent survey conducted by NeuStar, a majority (three-quarters) of the IT professionals said that they fear negative brand impact or customer experiences because of such an attack.

“The full impact of a DDoS attack has been widely reported due to a number of high-profile cases,” said Paul Vlissidis, technical director at NCC Group. “As awareness of a potential attack has grown, many companies have wisely invested in mitigation services. But these services are potentially useless if they’re not tested – and tested by an independent third party.”

 

Related Reading: Creating a DDoS Attack Action Plan

Related Reading: DDoS Attacks – Size Doesn’t Matter, Says Radware

 

Written By

For more than 10 years, Mike Lennon has been closely monitoring the threat landscape and analyzing trends in the National Security and enterprise cybersecurity space. In his role at SecurityWeek, he oversees the editorial direction of the publication and is the Director of several leading security industry conferences around the world.

Click to comment

Expert Insights

Related Content

Application Security

Cycode, a startup that provides solutions for protecting software source code, emerged from stealth mode on Tuesday with $4.6 million in seed funding.

Network Security

NSA publishes guidance to help system administrators identify and mitigate cyber risks associated with transitioning to IPv6.

Cyberwarfare

Websites of German airports, administration bodies and banks were hit by DDoS attacks attributed to Russian hacker group Killnet

Identity & Access

Hackers rarely hack in anymore. They log in using stolen, weak, default, or otherwise compromised credentials. That’s why it’s so critical to break the...

Application Security

Drupal released updates that resolve four vulnerabilities in Drupal core and three plugins.

Application Security

A CSRF vulnerability in the source control management (SCM) service Kudu could be exploited to achieve remote code execution in multiple Azure services.

Application Security

PayPal is alerting roughly 35,000 individuals that their accounts have been targeted in a credential stuffing campaign.

Application Security

Many developers and security people admit to having experienced a breach effected through compromised API credentials.