August 15, 2017

Some attack countermeasures need to be reactive. Please describe how testing scenarios account for the implementation of reactive controls

THE ART OF THE RAMP-UP of traffic from very low levels is a very popular and sensible way to test. As traffic is increased it places increased load on many network devices and servers. At some point a ‘weak link’ in the chain will start expressing high-enough stress that the team will want mitigation to activate.
HOLD LEVELS STEADY RedWolf can hold traffic steady at that level while reactive measures are put in place.
LOW AND SLOW attacks are the most common ‘reactive’ types of attacks where default mitigation settings have to be adjusted but most Layer 7 attacks can involve some art in reactive control management.
GOAL: PERFECT THRESHOLDS – One of the goals RedWolf helps clients achieve is when a mitigation threshold activates smoothly before a protected server goes down.
GOAL: MASTERS OF DEFENSE – Once the operationalization of threshold changes is old-hat RedWolf can change the mode to be more ‘wargame’ like with more dramatic changes in parameters beyond traffic levels.  It takes time to develop these operational skills and the only way they can be developed is with live exercises like RedWolf offers.