Contact Us
If you still have questions or prefer to get help directly from an agent, please submit a request.
We’ll get back to you as soon as possible.
Article
Last Month
There is often a significant gap between what security teams believe their DDoS protections are doing and how those protections behave during a real attack. Rate limiting is one of the most widely deployed application-layer DDoS defense mechanisms, yet it is also one of the most misunderstood. Many organizations configure rate limit rules and assume
Overview JA3 and JA4 are cryptographic fingerprinting techniques used to identify and analyze Transport Layer Security (TLS) client and server communications. These fingerprints help security teams detect malicious activities, including botnets, malware, and evasive threats that disguise themselves in encrypted traffic. What is JA3? JA3 is a method
A newly discovered denial-of-service (DoS) technique dubbed HTTP/2 Bomb has drawn significant attention across the security industry due to its ability to exhaust server memory and render web services unavailable within seconds. The attack was publicly disclosed in June 2026 by California-based security research company Calif. According to the resea
Executive Summary Introduction This document addresses whether a DDoS simulation should be conducted against a production environment or a staging environment, when both are available. It sets out the gains from testing production, the operational risks and difficulties associated and identifieswith it, and the controls applied during the engagemen
Volumetric attacks - Test your ability to withstand extreme and sustained attacks. Includes UDP floods and ICMP floods. The attack’s goal is to saturate the bandwidth of the attacked site, and magnitude is measured in bits per second (Bps). Application-layer attacks Send excessive HTTP/S GET or POST requests to test your resistance to resource e
What Are Rate Limits? Rate limit rules are essential for protecting against Distributed denial-of-service (DDoS) attacks by controlling the rate of incoming traffic to critical resources. By distinguishing between legitimate and malicious traffic, these rules help prevent service disruption and resource exhaustion. Proper configuration and calibrati
Web challenges or web-based verification methods are crucial in differentiating between human users and automated bots, particularly effective against layer 7 DDoS attacks involving numerous HTTP requests. Here are the common types of web challenges: JavaScript: This challenge identifies legitimate browsers that support JavaScript, which most bots c
DDoS attack vectors are methods used by attackers to overwhelm a target system, network, or service with excessive traffic, causing disruption or denial of access to legitimate users. These vectors often involve sending malformed data or exploiting protocol vulnerabilities to exhaust resources. The list below highlights some of the more common attac