Protect your business from tomorrow’s attacks with GMC’s mature DDoS Simulation framework used across hundreds of simulations for best-in-class offensive security
Organizations often feel secure with their top-level security measures, but they can never fully predict the future. Next-generation attackers are starting to use more creative distributed denial of service (DDoS) attack methodologies to beat the latest security solutions. That’s why GMC has a dedicated DDoS team who conduct real-life, controlled attack simulations, which have been refined by many years of hands-on experience. Working with us, you can:
- Prevent costly security breaches that may incur heavy server-load costs, or put up a mask while attackers target more sensitive (and expensive) data
- Protect against next-generation attacks through a proactive, offensive simulation guided by best expertise
- Prepare for mature attack frameworks that are backed by a creative team, trained to be one step ahead of would-be attackers
- Prepare your business and employees to respond to future DDoS attacks in a safe, controlled environment where best practices are more likely to stick
How GMC’s DDoS Simulation experts help your business:
GMC’s skilled DDoS team has unparalleled expertise in conducting controlled simulation, while guiding you through the evaluation of risks and their potential solutions. Prior to the simulation, our DDoS attack team conducts extensive research of your applications and infrastructure to collect valuable intelligence. Based on the information gathered, we will create different types across multiple attack scenarios which simulate real-world DDoS attacks, as follows:
Attack Types simulated by GMC:
- Network (Infrastructure) level attacks. Attacks targeting network components such as firewalls, routers and load balancers. The effects of these attacks effectively disable physical access to the targeted servers. The attacks can affect the component’s CPU, memory and/or bandwidth usage by targeting all layers except for layer 7 in the OSI 7-layers model.
- Application level attacks. Attacks targeting the server’s resources by abusing the application’s functions that consume physical resources (such as CPU, memory, bandwidth usage and hard disk usage). These attacks target layer 7 in the OSI 7 layers model.
Attack Scenarios simulated by GMC:
- Bandwidth: The attacker floods the server with requests from numerous bots, consuming network access to the target servers. The flood can either be generic (such as TCP flood) or an application-level attack which is customized to the client’s website. As a result of this attack, the network bandwidth is consumed (either upstream or downstream bandwidth) and legitimate users cannot access the attacked servers.
- Memory (volatile): The attack depletes available memory of the attacked servers by abusing sensitive memory-consuming functions in the attacked application. An example of such an attack is “slow HTTP post”, which causes the server to allocate a significant amount of memory.
- CPU: CPU exhaustion can be caused by flooding the system with high-level computations and may affect network components, servers and the application itself. An example of such an attack is SSL exhaustion, which results in high CPU consumption.
- Storage: Many applications use databases that contain customer records, business transactions, system information (such as logs) and even uploaded files. An attacker can generate requests that consume the available disk space (for example abusing the registration mechanism), thereby disabling the application.
- Connection Table: Each network component contains a connection table which lists existing connections and their status. In this attack, the attacker opens numerous connections (either valid or invalid connections), flooding the connection table. Once the connection table is full, the server is unable to process new connections resulting in Denial of Service.
Over 20 years of cybersecurity experience
- GMC is trusted by over 1,000 clients
- Our international offices ensure quick response times, any day of the week
- Work with enterprise-level, certified professionals with top-tier credentials
- Find solutions quickly based on gold-standard cybersecurity expertise
Get started with your DDoS Simulation experts today
Contact us and we’ll respond swiftly to get your business secure, compliant, and operating efficiently.