Radware’s new Web DDoS protection blocks tsunami-size web DDoS attacks

June 8, 2023
Delivers unmatched mitigation of randomized, high-volume attacks that evade standard protection

MAHWAH, N.J., May 23, 2023— Radware® (NASDAQ: RDWR), a leading provider of cybersecurity and application delivery solutions, has introduced a new Cloud Web DDoS Protection solution. The state-of-the-art solution is designed to minimize the growing gap between standard DDoS mitigation and an emerging generation of more aggressive, layer 7 (L7), HTTPS Flood attacks—also known as Web DDoS Tsunami attacks. Radware’s advanced solution is unmatched in its ability to combat these encrypted, high-volume, multi-vector threats that evade standard web application firewalls (WAF) and network-based DDoS tools, essentially rendering them ineffective.

“The dramatic rise in Web DDoS Tsunami attacks poses an immediate cyber threat. Organizations worldwide regardless of industry have fallen victim to these attacks, leaving them confounded as to why their existing defense solutions are faltering,” said Gabi Malka, Radware’s chief operating officer. “Just because organizations have standard WAFs or network-based DDoS mitigation in place, they should not take for granted that they are adequately protected.”

The sharp increase in Web DDoS Tsunamis has raised the bar for effective L7 DDoS detection and mitigation. As part of their latest campaigns, hackers are combining network and application layer attacks and using new tools to create this giant request-per-second (RPS) Web DDoS attacks. To elude detection, these L7 DDoS attacks appear as legitimate traffic and leverage multiple evasion techniques, such as randomizing HTTP headers, cookies, spoofing IPs, and more.

“Standard solutions that take a rate-limiting approach are not built to handle this emerging generation of Web DDoS Tsunami attacks,” continued Malka. “To defend against these attacks, organizations need layer 7, behavioral-based security solutions that can adapt in real-time, scale by a magnitude higher than any on-prem solution, and surgically block the attacks without blocking legitimate traffic.”

Standard WAF and network-based DDoS protection solutions are ineffective in detecting and mitigating Web DDoS Tsunamis without impacting legitimate traffic. Detecting these attacks requires decryption and deep inspection into the L7 traffic headers, which network-based DDoS protection solutions are not able to do. At the same time, on-premise or cloud-based WAF solutions that rely on signature-based protections are ill-equipped to deal with the randomized nature, scale, and sophistication of these attacks.

Anticipating the shift in the threat landscape, Radware developed its new Cloud Web DDoS Protection. Backed by research and development, the solution uniquely combines behavioral-based, automated algorithms with the high-scale infrastructure needed to accurately defend organizations against high RPS, Web DDoS Tsunami attacks.

In addition, Radware’s Cloud Web DDoS Protection:

  • Minimizes false positives —Dedicated behavioral-based algorithms quickly and accurately detect and block L7 DDoS attacks without interrupting legitimate traffic.
  • Offers wide attack coverage against the most advanced threats and zero-day attacks —The solution protects organizations from a wide range of L7 DDoS threats, including smaller-scale, sophisticated attacks; new L7 attack tools and vectors; and large-scale, sophisticated Web DDoS Tsunami attacks.
  • Immediate and adaptive protection — Leveraging proprietary behavioral analysis and real-time signature generation, Radware immediately detects HTTPS floods and continuously adapts the mitigation in real-time to prevent downtime.
  • Provides peace of mind —The automated and fully managed solution is designed to help organizations block these sophisticated attack campaigns consistently across all their applications and environments.

For organizations under DDoS attack, Radware also offers an Emergency Onboarding Service that helps neutralize security risks and safeguard operations before damage occurs.

Industry analysts such as Forrester Research, Gartner, GigaOm, KuppingerCole, and Quadrant Knowledge Solutions continue to recognize Radware as a market leader across a variety of cyber security categories. The company has received numerous awards for its application and API protection, WAF, bot management, and DDoS mitigation solutions.

About Radware

Radware® (NASDAQ: RDWR) is a global leader of cyber security and application delivery solutions for physical, cloud, and software-defined data centers. Its award-winning solutions portfolio secures the digital experience by providing infrastructure, application, and corporate IT protection, and availability services to enterprises globally. Radware’s solutions empower enterprise and carrier customers worldwide to adapt to market challenges quickly, maintain business continuity, and achieve maximum productivity while keeping costs down. For more information, please visit the Radware website.

Radware encourages you to join our community and follow us on: Facebook,  LinkedInRadware BlogTwitterYouTube, and Radware Mobile for iOS and Android.

Sponsored Recommendations

Appdome releases new defenses to combat accessibility malware

Two of the most advanced variants focus on Android banking apps - BrasDex in Latin America and Xenomorph in the U.S. and Europe use Automated Transfer Systems (ATS) malware.

DigiFlight, Inc. welcomes Michael Perrin as Senior Vice President, National Intelligence

With a career spanning 27 years in the U.S. Department of Defense (DoD) and 20 years in the intelligence community, Perrin will serve as DFI's primary point of contact for all...

Sternum shines with UL Solutions’ Diamond Level Qualification for IoT defense

With this UL qualification, Sternum’s Embedded Security and IoT Observability platform is a leading full stack solution that delivers unparalleled runtime protection and continuous...

GSX highlights PKOC demonstration

With PKOC, interoperability is simple, the credential is secure with PKI level authentication and there is no cost for a PKOC compatible credential.