Google have launched a new service, Project Shield, which will cache independent news websites in order to protect them from distributed denial of service attacks. Igal Zeifman, Senior Digital Strategist at Imperva, discusses whether Project Shield is enough to protect against DDoS attacks.
[su_note note_color=”#ffffcc” text_color=”#00000″]Igal Zeifman, Senior Digital Strategist at Imperva :
“Project Shield is a valuable solution that highlights an important issue: the existence of cheap DDoS-for-hire services that enable anyone to launch DDoS attacks of substantial size, against any target. Google is also correct in assuming that news sites are amongst the most prominent targets for DDoS offenders.
The solution Google offers combines traffic filtering and the ability to present cached content while a website is dealing with more traffic than it can handle. This can help against certain attack vectors, but it doesn’t fully addresses the different DDoS threats that websites are facing today. For instance, it cannot mitigate network layer attacks, especially direct-to-IP attacks that target specific IP addresses and elements of a network’s infrastructure. There is also the question of attack duration, as many DDoS assault can be easily sustained for days, weeks or even months at a time. For attacks like these, serving stale cached content is a hard compromise, perhaps even more so for a news organization.
In short, Project Shield can be an effective and important initiative to provide application layer protection for news organizations with no access to dedicated mitigation solutions. Depending on the duration and type of attack, however, a more targeted solution may prove beneficial.”[/su_note]
[su_box title=”About Imperva®” style=”noise” box_color=”#336588″]Imperva® (NYSE:IMPV), is a leading provider of cyber security solutions that protect business-critical data and applications. The company’s SecureSphere, Incapsula and Skyfence product lines enable organizations to discover assets and risks, protect information wherever it lives – in the cloud and on-premises – and comply with regulations. The Imperva Application Defense Center, a research team comprised of some of the world’s leading experts in data and application security, continually enhances Imperva products with up-to-the-minute threat intelligence, and publishes reports that provide insight and guidance on the latest threats and how to mitigate them. Imperva is headquartered in Redwood Shores, California.[/su_box]
The opinions expressed in this post belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.