|Industry||Information Technology & Services|
Prolexic Technologies, was a U.S.-based provider of security solutions for protecting web sites, data centers and enterprise IP applications from Distributed Denial of Service (DDoS) attacks at the network, transport, and application layers. On February 2014, Akamai Technologies acquired Prolexic Technologies. It operated a DDoS mitigation platform and a global network of traffic scrubbing centers. Real-time monitoring and mitigation services were provided from a 24/7 security operations control center (SOCC). Prolexic indicated its DDoS mitigation services make websites, data centers and enterprise IP applications harder to take down via DDoS attacks.
In 2003 Prolexic Technologies was founded by Barrett Lyon and was the subject of a book Fatal System Error by Joseph Menn. Prolexic protects organizations in the following markets: airlines/hospitality, e-commerce, energy, financial services, gambling, gaming, public sector, and software as a service. Sony is said to be a customer of the company. Prolexic claims some of the largest banks as its clients.
In 2011, Prolexic indicated it secured Payment Card Industry Data Security Standard (PCI DSS) level 2 compliance certification from the PCI Security Standards Council, which would speed deployment of remediation for compliant organizations during encrypted Application Layer 7 DDoS attacks.
In 2012 Baltimore private equity firm Camden Partners invested $6 million in the company, and American Trading and Production Corp invested $2 million as part of an $8 million Series B funding round. In the deal, Jason Tagler of Camden Partners joined the board of directors of Prolexic. Prolexic said it would use the Series B money to support staff and augment its network.
In 2013, Prolexic closed a US$30 million Series C funding round led by new investors Trident Capital and Intel Capital. Kennet Partners, Camden Partners and Medina Capital all took part in the funding round.
Prolexic provides three kinds of DDoS protection services to its clients: Monitoring and attack detection services, mitigation services that intercept attacks, and attack intelligence and post-attack intelligence services. In addition, Prolexic aggregates intelligence information and reports on active botnets and fraud-linked IP addresses.
The company opened its first network traffic scrubbing center in North America in 2003, in Europe in 2005, and in Asia in 2007. In 2012, the company’s traffic scrubbing capability was in excess of 500 Gbit/s of bandwidth and comprised multiple carriers in a distributed global network. The firm was said to be investing in the infrastructure to cope with up to 1.2Tbit/s peak traffic loads by the end of 2013.
Because many DDoS attacks are concerted efforts by sophisticated live attackers, Prolexic uses a combination of automated tools and human expertise as part of its services. In 2012, company said it had successfully stopped all DDoS attacks affecting its clients to date, including attacks against application servers, such as Layer 4 (SYN floods) and Layer 7 attacks, as well as HTTP GET flood attacks, zero-day attacks, UDP/ICMP floods, TCP flag abuses, DNS reflection, and DNS attacks. Prolexic is said to have mitigated the largest DDoS attack of 2011, which involved 250,000 computers infected with malware.
The company’s service typically mitigates attacks within 5 to 20 minutes after a client's network traffic starts flowing through a scrubbing center. Prolexic mitigated more than 30,000 DDoS attacks from 2003–2011. In 2011, Prolexic mitigated from 10 to 80 attacks daily.
In 2012, hacktivism and vandalism were cited as the main inspiration for DDoS attacks, rather than extortion as in the past. This type of motivation is said to make any company a victim, not just high-profile organizations. Organizations of all sizes are said to be at risk of DDoS attacks, because the newer application-level attacks are more targeted than classic DDoS botnet attacks and don’t need as many resources to deploy. The cloud-based DDoS mitigation approach used by Prolexic employs technology to redirect traffic to the company’s DDoS mitigation service, scrub the traffic, and send only legitimate traffic to the client site. This attack mitigation approach is said to be lower-cost than the traditional approach of a company maintaining its own network firewall, making DDoS attack prevention an option for most firms doing business on the web.
- "Source: Anonymous attacks on Sony annoying, not much more". Ars Technica. April 9, 2011.
- "LulzSec's Parting Trojan is a False Positive". CIO Magazine. June 28, 2011.
- "Top 100 Private Companies in North America" (PDF). RedHerring (Print issue). May 23, 2005.
- "Prolexic Becomes First DDoS Mitigation Provider to Gain PCI DSS Certification". Prolexic. August 11, 2011.
- "Prolexic Announces New CEO Scott Hammack". Prolexic. April 20, 2011.
- "Prolexic Announces Management Team, Names New President Stuart Scholly". Prolexic. May 13, 2011.
- "Management Team". Prolexic. Retrieved November 30, 2013.
- "Camden Partners leads $8M funding round of Prolexic Technologies". Baltimore Business Journal. February 8, 2012.
- "Prolexic Revenues Increase 45 Percent in 2011- Significant investments in staffing, R&D and network capacity to accommodate growth". Prolexic. January 12, 2012.
- "Venture Capital Dispatch: The Daily Startup". Wall Street Journal. July 26, 2013.
- "Partners". Prolexic. Retrieved March 23, 2012.
- "Prolexic services". Prolexic. Retrieved November 30, 2013.
- "Milestones". Prolexic. Retrieved April 9, 2012.
- "Letter from the president". Prolexic. Retrieved April 9, 2012.
- "Largest ever DDoS attack directed at financial firm, Prolexic reports". Techworld. May 30, 2013.
- "Prolexic Scores Points with Content Rating Organization" (PDF). Prolexic. March 13, 2012.
- "Prolexic Shines in Mitigating Layer 7 DDoS Attack for Leading American Jewelry Designer" (PDF). Prolexic. March 13, 2012.
- "Prolexic Answers Late Night Weekend Call to Mitigate DDoS Attack for Foundation Source" (PDF). Prolexic. March 13, 2012.
- "Botnet-driven attacks at 'tipping point'". V3.co.uk. February 10, 2010.
- "Largest DDoS Attack So Far This Year Peaked At 45 Gbps, Says Company". CSO Online. November 24, 2011.
- "Más DDoS: More Powerful, Complex, And Widespread". Dark Reading. Feb 7, 2012.
- "New Denial of Service Attacks Now Targeting All Size Businesses". CIO: IT Security Hack. December 8, 2011.