How to beat application DDoS attacks with CrowdSec & Cloudflare

BSidesBCN21 - Day 1 - Park Güell Track How to beat application DDoS attacks with CrowdSec & Cloudflare (Klaus Agnoletti) Distributed Denial-of-service (DDoS) attacks have been targeting all types of businesses over the past few years. They have been used by hackers for quite some time and are some of the most common attacks but remain extremely efficient and harmful. The concept is simple: hackers hammer a given target from many different locations to take it down (and usually ask for money afterward as a condition to stop the attack). E-commerce sites are one of the usual victims: an e-commerce site down is a site that isn’t making money. There are many ways and tools to perform this kind of attack and many layers of defense, but today we will focus on application (layer 7) distributed denial of service, L7 DDoS in short. In this talk we will discover how CrowdSec can be leveraged to provide an effective countermeasure against L7 DDoS attacks on websites protected by Cloudflare. This is done by combining the powers of CrowdSec with the Cloudflare API to filter away malicious connections in an effective (and free!) manner. About Klaus Agnoletti Klaus has been working professionally in infosec since 2004. The later years of his infosec career he worked primarily as a security advisor in various shapes and forms. After many years of actively engaging with the local infosec community in Copenhagen, Denmark he decided to go all in on the infosec community and started in CrowdSec where one of his roles are to spread the word on CrowdSec and help draft more users. Speaking at BSides Barcelona is a great way to do just that!