News

Red Button Security Experts To Validate Azure DDos Protection

• By Kurt Mackie
• April 25, 2022

Microsoft last week announced that Azure DDoS Protection users can launch distributed denial-of-service (DDoS) test attacks on their use of Azure services via Red Button's services.

Red Button is a group of security experts that provide "end-to-end DDoS protection services to organizations worldwide," according to the company's description. Its "DDoS Testing suite" consists of a planning session with Red Button experts for scoping out attacks. In addition, Red Button also will execute DDoS test attacks on Azure services used by organizations. Lastly, the suite offers a report summarizing the vulnerabilities detected and areas of improvement.

The actual DDoS test attacks get carried out by Red Button or partner BreakingPoint Cloud.

In addition to its DDoS Testing suite, Red Button offers two other options for Microsoft's Azure DDoS Protection customers. Its "DDoS 360" service is an annual service that offers testing, hardening, incident response and skills development. A second offering its "DDoS Incident Response" service, is a "30-day incident response service" that helps with DDoS attacks and the aftermath, plus training.

The three offerings -- the DDoS Testing suite, DDoS 360 and DDoS Incident Response -- aren't free for Microsoft's Azure DDoS Protection customers. They represent three separates costs, according to a Microsoft spokesperson.

Of course, organizations that subscribe to the Azure DDoS Protection service are already paying for DDoS detection and attack mitigation services from Microsoft to safeguard their apps and services. Back in January, Microsoft touted Azure DDoS Protection as being resistant to disruption by DDoS attacks because the cloud service can rapidly scale up operations when resources get sapped by DDoS attacks.

The Red Button collaboration can help organizations needing to meet certain compliance criteria, the Microsoft spokesperson clarified, when asked why Red Button would be needed on top of Azure DDoS Protection.

Azure services offer comprehensive DDoS defenses. However, our customers sometimes require independent testing and validation services to document security compliance.

Red Button is also a DDoS test partner for Amazon Web Services and "authorized to conduct DDoS simulation tests on behalf of AWS customers without prior approval from AWS," per Red Button's description.

The top DDoS organizational targets are gaming services providers, followed by financial services companies and media organizations, according to Microsoft. It tallied 359,713 unique DDoS attacks against its own services in the second half of 2021. These denial-of-service attacks involve the sending of massive requests using the User Datagram Protocol, which is typically used by streaming and gaming services.