Cyber attacks have evolved significantly over the last several years. Not only are attacks more frequent, but the approaches used by attackers are more sophisticated and subtle. To offset these challenges, your attack detection also needs to evolve. Malicious traffic detection needs to be more intelligent, and capable of quickly mitigating different types of attacks. Attack mitigation needs to be automated, and should provide organizations with a way to analyze the effectiveness of the mitigation and track its impact on users.
Many of our customers rave about how Kentik helps them detect and automate the mitigation of DDoS attacks. Kentik Protect is a SaaS offering and provides customers the benefit of advanced DDoS defense and malicious traffic detection without the delays, capital investment, and ongoing costs of building and maintaining their own threat detection system.
Kentik Protect is the industry’s most accurate DDoS and network anomaly detection solution, offering field-proven accuracy gains of 30 percent in attack recognition. How does it work?
Just getting an alert that traffic patterns have changed is not enough. Kentik Protect allows you to quickly double-click from an alert into an advanced Data Explorer query. This is powerful because you can dive into the details of an attack, filter down, and compare across time frames. Most legacy application-based DDoS detection systems cannot do this because they only aggregate data.
Kentik Protect also incorporates a feature that allows you to determine the impact of rejecting RPKI-invalid traffic. This feature gives you an intimate understanding of how your traffic would be affected globally if you were to reject routes with an RPKI-invalid status.
Kentik helps you find traffic from infected or compromised hosts by enriching flow records with IP reputation data from Spamhaus. The result is two dimensions, Botnet Command and Control and Threat List Host, which are then used to identify threats to your network, such as botnet command and control servers, malware distribution points, phishing websites, spam sources, and more.
We make these threats known to you via the Botnet & Threat-feed Analysis dashboard. The panels illustrate the extent to which traffic on your network is associated with known risks.
The Kentik Network Observability Cloud delivers the industry’s most accurate and automated detection of various types of DDoS attacks (volumetric, application, etc.), as well as botnet and threat attack traffic, giving security and operations teams full forensics capabilities across months of raw data.