About stress test

Variti provides customized bot attack simulation tests on request to investigate company resources capabilities to prevent automated attacks. Variti's stats on test results show that most businesses are vulnerable because up-to-date attacks easily bypass traditional detection solutions.

The scope of the test:

  • Determine workloads limits for a customer's infrastructure and online services;
  • Check the ability of current protection solutions to withstand bot threats, including high-frequent and low-frequent attacks at levels L3, L4, L7;
  • Draw up a detailed report on identified bottlenecks and vulnerabilities with recommendations to resolve all the issues.

The test set up and phases

Stress tests are provided by Variti’s highly skilled security engineers with deep experience in DDoS mitigation and bot detection. We arrange all the dates and times according to a customer’s request for online resources to be ready for peak loads and spikes in traffic. The testing period lasts no longer than three hours.

To identify and set parameters for each test phase, a customer should allocate its technical specialists with the appropriate authority and access. At least one tech specialist needs to be in the testing group during the stress test period for operational coordination.

Testing is done in several phases. Dedicated specialists should approve each phase's start and the initial parameters of loads for the customer.

Phase 1 – Layer 7 testing

During this phase, we check requests processing at the application level. The stage includes testing of:

  • Low-frequency requests
  • Statics;
  • Dynamics of GET requests;
  • Dynamics of POST requests;
  • Other combined testing methods.

Parameters like timeouts can vary during the testing.

Phase 2 – Layer 3-4 testing

During this phase, we check requests processing at the network and protocol levels, including:

  • UDP flood;
  • TCP flood (SYN / SYN + ACK / ACK, etc);
  • Generic TCP flood;

Parameters can vary during the testing.

Phase 3 - Data analysis, report and Variti service demo

In three working days after phases 1 and 2, Variti experts draw up a list of infrastructural vulnerabilities and bottlenecks and improvement recommendations.

Variti service demo is available at this stage. To arrange a demo, the Variti team will need to approve the customer's connection parameters for a trial period. We will compare some results of traffic filtering with Variti with your current solution results. We’ll take a look on metrics like availability, delays, number of resource responses with error codes, etc.