An ounce of prevention is worth a pound of cure—maybe even more in the case of damaging Distributed Denial of Service (DDoS) attacks on your website. Sophisticated new functionality in NetBase can alert you to an impending attack, enabling you to take measures that can mitigate or avert the attack altogether.
Catching a DDoS Early
According to the Symantec website, “a denial-of-service (DoS) or Distributed Denial of Service (DDoS) attack involves an attempt to disrupt the normal functioning of a website or web service. In a typical DoS attack, the attacker will overload a site’s server with requests for access far above the capacity of the site, meaning that legitimate requests cannot be processed.” The Symantec site also says a key preventative measure is “observing regular system performance to get a baseline and use it to gauge unusual activity.”
But even if you spot such “unusual activity,” it’s not a sure thing that you’re seeing the beginning of a DoS attack because it may look like legitimate customer traffic. The idea NetBase had was to combine monitoring the volume of traffic with looking for comments about the responsiveness or behavior of your site and to look for an abnormal number of such comments.
Triggered Alerts to the Rescue
NetBase performs the monitoring and alerts you to suspicious patterns via its Triggered Alerts functionality, which can monitor your site hour by hour and detect unusual levels of activity for specific times. For example, if you normally get two comments an hour at midnight, and you suddenly begin receiving 100, and they contain references to your site’s performance, chances are that you’re on the cusp of a DoS attack. NetBase can alert you to that, and you can take appropriate measures immediately.
NetBase does this with an algorithm that uses a statistical model of what constitutes a significant change in the volume of conversation about your brand. You can set the level of sensitivity that defines a significant change, and when that’s detected, NetBase sends an alert.
Advantages of NetBase Triggered Alerts
- Simpler—Typical monitoring vendors such as KeyNote require human effort, and are cumbersome because you have to write out lots of scripts, one for each type of interaction (e.g., transfer money, bill pay, apply-for-job, etc.). And the more complex your site, the more scripts you have to write. This approach becomes almost impossible to maintain. For some organizations with complex sites, Triggered Alerts may be the only way to catch certain issues because a customer complaining is a universal catch-all.
- Faster—You can’t afford to anticipate and monitor every type of interaction on your site, so if hackers exploit a click-stream you’re not monitoring, you won’t hear about the problem until customers start calling your 800 number. But as more and more consumers take to social to get your attention, NetBase is likely to detect the problem before the call center. And customers are already using social more often to communicate with organizations: they’re learning that organizations are more likely to respond to a social media post because it’s public.
- Cheaper—Monitoring vendors such as KeyNote can be very expensive and require staff time. For the cost of a few NetBase topics, you can have a single individual monitor more than a staff using KeyNote.
Companies with smaller IT departments may be especially interested in Triggered Alerts because they don’t have the in-house staff or expertise to develop and maintain their own solution, and because using NetBase is more cost-effective than using a dedicated monitoring service.
You can request a demo of NetBase’s solution, and in particular its Triggered Alerts function, here.