Radware’s New Web DDoS Protection Blocks Tsunami-Size Web DDoS Attacks Without Interrupting Legitimate Traffic


MAHWAH, N.J. May 23, 2023 06:00 AM

Delivers unmatched mitigation of randomized, high-volume attacks that evade standard protection

Radware® (NASDAQ: RDWR), a leading provider of cyber security and application delivery solutions, today introduced a new Cloud Web DDoS Protection solution. The state-of-the-art solution is designed to minimize the growing gap between standard DDoS mitigation and an emerging generation of more aggressive, layer 7 (L7), HTTPS Flood attacks—also known as Web DDoS Tsunami attacks. Radware’s advanced solution is unmatched in its ability to combat these encrypted, high-volume, multi-vector threats that evade standard web application firewalls (WAF) and network-based DDoS tools, essentially rendering them ineffective.

“The dramatic rise in Web DDoS Tsunami attacks poses an immediate cyber threat. Organizations worldwide regardless of industry have fallen victim to these attacks, leaving them confounded as to why their existing defense solutions are faltering,” said Gabi Malka, Radware’s chief operating officer. “Just because organizations have standard WAFs or network-based DDoS mitigation in place, they should not take for granted that they are adequately protected.”

The sharp increase in Web DDoS Tsunamis has raised the bar for effective L7 DDoS detection and mitigation. As part of their latest campaigns, hackers are combining network and application layer attacks and using new tools to create these giant request-per-second (RPS) Web DDoS attacks. To elude detection, these L7 DDoS attacks appear as legitimate traffic and leverage multiple evasion techniques, such as randomizing HTTP headers, cookies, spoofing IPs, and more.

“Standard solutions that take a rate-limiting approach are not built to handle this emerging generation of Web DDoS Tsunami attacks,” continued Malka. “To defend against these attacks, organizations need layer 7, behavioral-based security solutions that can adapt in real time, scale by a magnitude higher than any on-prem solution, and surgically block the attacks without blocking legitimate traffic.”

Standard WAF and network-based DDoS protection solutions are ineffective in detecting and mitigating Web DDoS Tsunamis without impacting legitimate traffic. Detecting these attacks requires decryption and deep inspection into the L7 traffic headers, which network-based DDoS protection solutions are not able to do. At the same time, on-premise or cloud-based WAF solutions that rely on signature-based protections are ill-equipped to deal with the randomized nature, scale, and sophistication of these attacks.

Anticipating the shift in the threat landscape, Radware developed its new Cloud Web DDoS Protection. Backed by research and development, the solution uniquely combines behavioral-based, automated algorithms with the high-scale infrastructure needed to accurately defend organizations against high RPS, Web DDoS Tsunami attacks.

In addition, Radware’s Cloud Web DDoS Protection:

  • Minimizes false positives —Dedicated behavioral-based algorithms quickly and accurately detect and block L7 DDoS attacks without interrupting legitimate traffic.
  • Offers wide attack coverage against the most advanced threats and zero-day attacks —The solution protects organizations from a wide range of L7 DDoS threats, including smaller-scale, sophisticated attacks; new L7 attack tools and vectors; and large-scale, sophisticated Web DDoS Tsunami attacks.
  • Immediate and adaptive protection — Leveraging proprietary behavioral analysis and real-time signature generation, Radware immediately detects HTTPS floods and continuously adapts the mitigation in real-time to prevent downtime.
  • Provides peace-of-mind —The automated and fully managed solution is designed to help organizations block these sophisticated attack campaigns consistently across all their applications and environments.

For organizations under DDoS attack, Radware also offers an Emergency Onboarding Service that helps neutralize security risks and safeguard operations before damage occurs.

Industry analysts such as Forrester Research, Gartner, GigaOm, KuppingerCole, and Quadrant Knowledge Solutions continue to recognize Radware as a market leader across a variety of cyber security categories. The company has received numerous awards for its application and API protection, WAF, bot management, and DDoS mitigation solutions.

About Radware

Radware® (NASDAQ: RDWR) is a global leader of cyber security and application delivery solutions for physical, cloud, and software defined data centers. Its award-winning solutions portfolio secures the digital experience by providing infrastructure, application, and corporate IT protection, and availability services to enterprises globally. Radware’s solutions empower enterprise and carrier customers worldwide to adapt to market challenges quickly, maintain business continuity, and achieve maximum productivity while keeping costs down. For more information, please visit the Radware website.

Radware encourages you to join our community and follow us on: FacebookLinkedIn, Radware Blog, Twitter, YouTube, and Radware Mobile for iOS and Android.

©2023 Radware Ltd. All rights reserved. Any Radware products and solutions mentioned in this press release are protected by trademarks, patents, and pending patent applications of Radware in the U.S. and other countries. For more details, please
see: https://www.radware.com/LegalNotice/. All other trademarks and names are property of their respective owners.

Radware believes the information in this document is accurate in all material respects as of its publication date. However, the information is provided without any express, statutory, or implied warranties and is subject to change without notice.

The contents of any website or hyperlinks mentioned in this press release are for informational purposes and the contents thereof are not part of this press release.

Safe Harbor Statement

This press release includes “forward-looking statements” within the meaning of the Private Securities Litigation Reform Act of 1995. Any statements made herein that are not statements of historical fact, including statements about Radware’s plans, outlook, beliefs, or opinions, are forward-looking statements. Generally, forward-looking statements may be identified by words such as “believes,” “expects,” “anticipates,” “intends,” “estimates,” “plans,” and similar expressions or future or conditional verbs such as “will,” “should,” “would,” “may,” and “could.” For example, when we say that to defend against these attacks, organizations need layer 7, behavioral-based security solutions that can adapt in real time, scale by a magnitude higher than any on-prem solution, and surgically block the attacks without blocking legitimate traffic, we are using a forward-looking statement. Because such statements deal with future events, they are subject to various risks and uncertainties, and actual results, expressed or implied by such forward-looking statements, could differ materially from Radware’s current forecasts and estimates. Factors that could cause or contribute to such differences include, but are not limited to: the impact of global economic conditions and volatility of the market for our products; natural disasters and public health crises, such as the coronavirus disease 2019 (COVID-19) pandemic; a shortage of components or manufacturing capacity could cause a delay in our ability to fulfill orders or increase our manufacturing costs; our business may be affected by sanctions, export controls, and similar measures, targeting Russia and other countries and territories, as well as other responses to Russia’s military conflict in Ukraine, including indefinite suspension of operations in Russia and dealings with Russian entities by many multi-national businesses across a variety of industries; our ability to successfully implement our strategic initiative to accelerate our cloud business; our ability to expand our operations effectively; timely availability and customer acceptance of our new and existing solutions; risks and uncertainties relating to acquisitions or other investments; the impact of economic and political uncertainties and weaknesses in various regions of the world, including the commencement or escalation of hostilities or acts of terrorism; intense competition in the market for cyber security and application delivery solutions and in our industry in general, and changes in the competitive landscape; changes in government regulation; outages, interruptions, or delays in hosting services or our internal network system; compliance with open source and third-party licenses; the risk that our intangible assets or goodwill may become impaired; our dependence on independent distributors to sell our products; long sales cycles for our solutions; changes in foreign currency exchange rates; undetected defects or errors in our products or a failure of our products to protect against malicious attacks; the availability of components and manufacturing capacity; the ability of vendors to provide our hardware platforms and components for our main accessories; our ability to protect our proprietary technology; intellectual property infringement claims made by third parties; changes in tax laws; our ability to realize our investment objectives for our cash and liquid investments; our ability to attract, train, and retain highly qualified personnel; and other factors and risks over which we may have little or no control. This list is intended to identify only certain of the principal factors that could cause actual results to differ. For a more detailed description of the risks and uncertainties affecting Radware, refer to Radware’s Annual Report on Form 20-F, filed with the Securities and Exchange Commission (SEC), and the other risk factors discussed from time to time by Radware in reports filed with, or furnished to, the SEC. Forward-looking statements speak only as of the date on which they are made and, except as required by applicable law, Radware undertakes no commitment to revise or update any forward-looking statement in order to reflect events or circumstances after the date any such statement is made. Radware’s public filings are available from the SEC’s website at www.sec.gov or may be obtained on Radware’s website at www.radware.com.

Contact Radware Sales

Our experts will answer your questions, assess your needs, and help you understand which products are best for your business.

Already a Customer?

We’re ready to help, whether you need support, additional services, or answers to your questions about our products and solutions.

Locations
Get Answers Now from KnowledgeBase
Get Free Online Product Training
Engage with Radware Technical Support
Join the Radware Customer Program

Get Social

Connect with experts and join the conversation about Radware technologies.

Blog
Security Research Center
CyberPedia