Safeguard
Tag

ddos

Safeguard articles tagged "ddos" — guides, analysis, and best practices for software supply chain and application security.

8 articles

Application Security

DNS attack techniques and defenses

Cache poisoning, tunneling, and NXDOMAIN floods all abuse the same trust: DNS was built to be fast and open, not authenticated.

Jul 12, 20266 min read
Application Security

Hardening HTTP/2 against protocol-level DoS attacks

HTTP/2 Rapid Reset hit Google with 398 million requests per second in 2023 — a single protocol quirk, not a bug in any one server, drove the largest DDoS ever disclosed.

Jul 8, 20266 min read
Vulnerability Management

HTTP/2 Rapid Reset: inside CVE-2023-44487

A single HTTP/2 feature let attackers hit 398 million requests per second. Here's how Rapid Reset (CVE-2023-44487) broke nearly every major web server at once.

Jul 8, 20266 min read
Vulnerability Analysis

HTTP/2 Rapid Reset (CVE-2023-44487) Explained

A protocol-level flaw in HTTP/2 turned a normal feature into the largest DDoS attacks ever recorded. Here is how Rapid Reset works and which library versions fix it.

Jul 1, 20266 min read
Vulnerability Analysis

HTTP/2 Rapid Reset zero-day vulnerability CVE-2023-44487

CVE-2023-44487 "HTTP/2 Rapid Reset" enabled record-breaking DDoS attacks via stream-reset abuse. Impact, affected stacks, and remediation steps.

May 6, 20267 min read
Vulnerability Analysis

What is a Denial of Service (DoS) Attack

DoS attacks knock systems offline without stealing data. Learn how they work, real-world examples like Mirai and HTTP/2 Rapid Reset, and how to defend against them.

Mar 29, 20267 min read
Application Security

HTTP/2 Rapid Reset: The Largest DDoS Attacks in Internet History

CVE-2023-44487 exploits a design flaw in HTTP/2 to amplify DDoS attacks, enabling record-breaking attacks peaking at 398 million requests per second.

Oct 10, 20235 min read
Infrastructure Security

DDoS Protection for Software Distribution Infrastructure

Package registries, artifact repositories, and update servers are high-value DDoS targets. Taking them down disrupts entire software supply chains.

Mar 12, 20235 min read
ddos — Safeguard Blog