NGINX App Protect Denial of Service Blocks Application-Level DoS Attacks

Original: https://www.nginx.com/blog/nginx-app-protect-denial-of-service-blocks-application-level-dos-attacks/

While digital transformation is accelerating business potential, unfortunately it’s also broadening the threat landscape. As security teams are occupied adjusting to increasing scope and responsibility, attackers are taking advantage, becoming more sophisticated than ever in the ways they abuse applications for financial gain. Compared to traditional denial-of-service (DoS) attacks at the network level, application‑level (Layer 7) DoS attacks are rising sharply, in large part because they can bypass traditional defenses that are not designed for modern application architectures.

From the viewpoint of attackers, Layer 7 DoS attacks have two valuable features: they require very few resources to create significant disruption, and they are difficult to detect. Generated using sophisticated tools and precisely targeted requests, such attacks disrupt application servers and APIs by making them unable to process legitimate requests. When a server is bombarded with more requests than it can process, it drops legitimate requests, becomes unresponsive, or even crashes.

Traditional DoS‑mitigation solutions are not effective for modern apps. They provide static rule‑based security and require continuous maintenance to keep up with the pace of changes and updates in the modern app landscape.

Introducing NGINX App Protect DoS

NGINX App Protect Denial of Service (DoS) is a new lightweight dynamic module for NGINX Plus, designed to protect modern applications against the most sophisticated application DoS attacks. NGINX App Protect DoS mitigates attacks that intend to disrupt and harm applications, ensuring continuous performance and revenue collection, and preserving customer loyalty and brand in a highly competitive digital world.

NGINX App Protect DoS can be deployed close to applications and microservices on any platform, architecture, or environment, including Kubernetes clusters. It scales out along with the application and maintains high security effectiveness at all times.

NGINX App Protect DoS in action

Deployment Use Cases

NGINX App Protect DoS can be deployed in a variety of locations to protect application services:

Mitigated Attack Types

NGINX App Protect DoS introduces protection against multiple sophisticated attack types:

Summary

It’s becoming more common for DoS attacks to target applications instead of the network. Because many of these Layer 7 DoS attacks look like legitimate traffic, traditional WAF defenses can’t effectively detect them.

Moreover, attackers continue to leverage new technology like machine learning and AI to launch Layer 7 DoS attacks, making simple rules and static signatures less effective. Layer 7 DoS mitigation must evolve as well, and NGINX App Protect DoS brings the right technology to bear with adaptive and dynamic defenses.

If you’d like to learn more about how to ensure DoS protection, check out our solution brief. Also see these related blogs:

Try NGINX App Protect DoS for yourself – start a free 30-day trial today or contact us to discuss your use cases.

Retrieved by Nick Shadrin from nginx.com website.