AWS DDoS Testing

Validate your system’s DDoS protection on AWS

 

Red Button is an authorized AWS Partner

DDoS Testing Tailored
to Your AWS Deployment

Verify your DDoS protection with attack simulations that challenge your specific deployment architecture. If your deployment includes CloudFront with ALB and EC2 behind it, for example, then we’ll run an attack simulation quite different from the one we’d plan if you had an API Gateway and AWS Lambdas.

We simulate multi-vector DDoS attacks to identify which AWS component will (or will not) block each type of attack.

Actionable
Remediation Guidance

Following a DDoS simulation, you’ll receive:

  • A detailed report identifying all security flaws, prioritized by severity.  (See a sample test report)
  • Remediation recommendations – from optimal configuration of AWS WAF options to the addition of specific security components.
  • An optional re-testing session to validate the fixes you implemented.

Get Results with
Near-Zero Efforts

Our fully managed DDoS testing service saves you time and resources:

  • End-to-end test planning, execution and analysis by highly experienced DDoS experts.
  • A total of five hours of your time: One hour for pre-test interview, three hours for test session, one hour for reporting the results and our recommendations.

Learn More

How do we perform DDoS testing to challenge your systems. (1.5 min)

Read More

DDoS attacks: It’s what you don’t know that may hurt you

Read More

FAQ

Why do I need testing if AWS provides protection?

There are several reasons. First of all, every digital environment must be tested to ensure full protection. DDoS protection without DDoS testing is like software without QA. Furthermore, while AWS assumes responsibility regarding network or infrastructure attacks, application attacks largely remain your responsibility. There are configurations and actions only you can perform, such as setting rate limits, scanner and probe protection, auto-scaling, and more. And all these application-level measures must, of course, be tested.

Do I need to update AWS before the test?

No. Red Button can carry out DDoS tests without notifying the AWS team. This makes the process simpler in many cases, such as, for example, last-minute testing.

Do you also test application level (Layer 7) DDoS attacks?

Yes. Our test simulation includes application-layer attacks that test your resistance to the more difficult-to-detect, layer 7 attacks; volumetric attacks to test your ability to withstand extreme and sustained campaigns with massive traffic; and protocol (network-layer) attacks such as SYN floods, UDP floods, and others. 

How long does DDoS testing take?

The actual test simulation session typically takes three hours. A more extensive test simulation with more attack vectors can take up to six hours.

Does your testing service include configuration recommendations?

Yes. Following the DDoS penetration tests, we provide you with recommendations specifically tailored for the AWS platform. You can then decide to implement the recommendations as you see fit.

Can you help us implement the recommendations?

Yes. As a separate service, Red Button also provides support and guidance for implementing our DDoS mitigation recommendations.