Start-up Defense.Net debuts with anti-DDoS service

Start-up makes its debut today with the aim of stopping distributed denial-of-service (DDoS) attacks aimed by attackers against both enterprises and cloud service networks.

The Belmont, Calif.-based company is founded by its CTO, Barrett Lyon, who started another anti-DDoS company in 2003 called Prolexic Technologies. next month will be detailing how it provides anti-DDoS mitigation as its first service is rolled out., whose CEO is Chris Risley, is funded by $9.5 million from Bessemer Venture Partners.

[NEWCOMERS:10 Hot Security Startups to Watch]

DDoS cyberattacks are large streams of traffic that attackers can generate often through compromised botnets of servers or desktops and that can be aimed at network and application infrastructure in order to swallow up available bandwidth or knock specific devices offline.

"The key [for anti-DDoS vendors] is scalability that outpaces the rates of the bad guys," Lyon says, noting the anti-DDoS mitigation method is based on a cloud service without the need for an appliance.

Other anti-DDoS vendors indicate that attackers appear to be increasing the strength of DDoS attacks. Arbor Networks recently published its quarterly threat report, based on anonymous traffic data from more than 270 service providers, which indicated that almost half of the DDoS attacks it has monitored now reach speeds of over 1Gbps.

That's said to be up 13.5% from last year, while the portion of DDoS attacks over 10Gbps increased about 41% in the same period, according to Arbor. In addition, there was a doubling of the total number of attacks over 20Gbps that occurred in all of 2012.

For his part, Lyon says he thinks the average DDoS attack is probably 16 times larger and "significantly more sophisticated than it was a year earlier."

Last fall, the websites of about a dozen U.S.-based banks were hit by massive DDoS attacks that often rendered them temporarily unavailable. Some of the attacks against banks such as Wells Fargo and Bank of America were so pronounced that it prompted government officials to discuss them, even pointing the finger against countries with whom the U.S. had had an adversarial relationship. Sen. Joe Lieberman (I-Conn.), for example, blamed Iran directly, though that country denied any involvement. Some businesses, such as the online gaming industry, openly say that fending off DDoS attacks is critical to their survival.

[RELATED:Shorter, high-speed DDoS attacks on the high, Arbor Networks says]

Lyon says he has assembled a team of experienced DDoS mitigation specialists who have worked in that capacity for firms such as Apple, BitGravity, VeriSign, Juniper, and Prolexic. He says the technology that will soon be unveiled by will seek to make DDoS defense a bit easier in certain ways.

Some mitigation methods create "side effects" that include "blocked users and fraud alerts to slow page loads, broken links, and stalled or timed out video streams," according to Lyon. "Some companies have had to ignore their fraud alerts when DDoS mitigation was turned on because so many of the alerts were artifacts of mitigation." In the services expected to be introduced next month, will try to prove it can overcome any side effects of that nature.

Ellen Messmer is senior editor at Network World, an IDG publication and website, where she covers news and technology trends related to information security. Twitter: MessmerE. E-mail:

Read more about wide area network in Network World's Wide Area Network section.

Join the CSO newsletter!

Error: Please check your email address.

Tags arbor networkssecurityendpoint securityProlexic TechnologiesWide Area Network

More about AppleArbor NetworksArbor NetworksBox.netIDGJuniperVeriSign AustraliaWells Fargo

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Ellen Messmer

Latest Videos

  • 150x50

    CSO Webinar: Will your data protection strategy be enough when disaster strikes?

    Speakers: - Paul O’Connor, Engagement leader - Performance Audit Group, Victorian Auditor-General’s Office (VAGO) - Nigel Phair, Managing Director, Centre for Internet Safety - Joshua Stenhouse, Technical Evangelist, Zerto - Anthony Caruana, CSO MC & Moderator

    Play Video

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

More videos

Blog Posts

Market Place