• Definition
    Attack Mitigation

    Attack mitigation is a detection and protection strategy used to safeguard networks, servers and applications by IT administrators in order to minimize the effect of malicious traffic and intrusion attempts while maintaining functionality for users.

    Successful mitigation means nullifying attack attempts on two different security levels:

    Vulnerability-based attacks: These types of attacks attempt to unlawfully extract sensitive data from your application infrastructure. This can be done via malware that plants viruses such as worms or Trojan horses. If an organization is not prepared for mitigating attacks, sensitive information can be extracted by a skilled hacker. The larger an organization is, the more likely it will be targeted for an intrusion-based attack, so mitigation is a critical security measure for medium-to-large-sized organizations.

    Non-vulnerability-based threats: This sort of attack's goal is primarily to misuse services by utilizing malicious attack traffic that appears to be coming from legitimate users. This means that the attacker is either looking for a vulnerability in the computing infrastructure, or will attempt to overload its resources by making repeated, malicious requests until the system is overwhelmed and rendered ineffective for real users.

    One of the most dangerous of the non-vulnerability-based threats are DoS/DDoS attacks, which flood system resources by repeatedly making requests for data until they are overwhelmed, either slowing down extremely or crashing altogether. DoS and DDoS attacks can come in a variety of different forms, and it is important to use a security solution like Radware's DefensePro that can identify attack patterns and mitigate them accordingly.