Speak to a Security Expert

There’s no obligation to commit to anything! This is simply a conversation where we learn more about your business – and you learn how DDoS testing could be deployed to your advantage.

  • Expert advice and guidance on DDoS Testing
  • An individual approach designed for your business
  • Experience across all DDoS Attack types

Our Most Asked Questions

Is DDoS testing and simulation legal?

Yes, DDoS testing is legal, but only if it is conducted with the permission of the target organisation. It is important to note that launching a DDoS attack without permission is a crime in many jurisdictions, including the UK.

What are the ethical considerations for DDoS testing?

There are a number of ethical considerations to bear in mind when conducting DDoS testing, including:

Obtaining authorisation from the target organisation: It is essential to obtain explicit permission from the target organisation before conducting a DDoS test. This can be done by having a purchase order in place or by having multiple customer stakeholders on a conference call during the attack.

Minimising collateral damage: DDoS tests can potentially disrupt other services and networks that are not the target of the attack. It is important to take steps to minimise collateral damage, such as by using a variety of attack vectors and by keeping the attack intensity below the target organisation’s contractual bandwidth level.

Using ethical tools and methods: It is important to use ethical tools and methods when conducting DDoS testing. This means avoiding tools and methods that could exploit vulnerabilities in the target organisation’s systems or that could cause permanent damage.

Where is the attack being launched from and what jurisdiction applies?

DDoS attacks can be launched from anywhere in the world. However, the jurisdiction in which the attack is launched will apply. This means that if you are a UK company and you are attacked by a DDoS attack that was launched from the US, then US law will apply.

How can I choose a reputable DDoS testing provider?

When choosing a DDoS testing provider, it is important to consider the following factors:

Experience: Choose a provider with experience in conducting DDoS tests on a variety of systems and networks.

Expertise: Choose a provider with a team of experts who have a deep understanding of DDoS attacks and mitigation strategies.

Reputation: Choose a provider with a good reputation in the industry. You can read online reviews or ask other businesses for recommendations.

What are the benefits of regular DDoS testing?

There are a number of benefits to regular DDoS testing, including:

Identify and fix vulnerabilities: DDoS testing can help you to identify and fix vulnerabilities in your systems and networks before they are exploited by attackers.

Optimise your DDoS mitigation systems: DDoS testing can help you to optimise your DDoS mitigation systems to ensure that they are effective against a variety of attack vectors.

Improve your incident response plan: DDoS testing can help you to improve your incident response plan so that you are better prepared to respond to a real-world DDoS attack.

We learnt a huge amount as a result of doing the DDoS test simulation. It was better doing this in a controlled manner instead of waiting until we are hit for real. We now understand a lot more about our systems and our people have gained useful experience, which has only improved our readiness for a real attack.

Mark DawsonHead of Service Assurance, British Library

Babble was very thorough in the scoping of the project and the way they conducted themselves was very professional. We greatly benefited from the test and the confirmation that our deployments carried minimal risk even when under significant load.

Head of Information SecurityLeading DNS Provider

Almost immediately it was discerned that no mitigation alerts were being sent and the ISP did not detect the attack. Now armed with the DDoS test results and a comprehensive report we have a good baseline for more targeted simulations in a subsequent round of testing.

Head of InfrastructureLeading Public Utilities Company