How we contributed to an enterprise security-enhancing solution for Fortune 2000 companies

Background

RedWolf Security simulates information security threats on corporate computer networks. Being a pioneer in legal DDoS testing, RedWolf has several years of experience in helping the largest global brands improve their resilience to cyber attacks. The company uses proven techniques to secure their clients’ networks and equip them with the most effective solutions against future threats.

Challenge

The main goal of RedWolf is to build a comprehensive and feature-rich security solution available for enterprises. Their product simulates web threats and creates DDoS attacks for the sake of testing the security of clients’ infrastructures, conducting the attacks in a controlled manner.

When they approached Neoteric, RedWolf’s product structure required a system that would receive metadata items, match them against subscriptions, and send those “messages” (meaning any piece of information sent between different modules, servers or microservices) to subscriber functions. The delivery system was also intended to be able to list, add, and delete “subscribers”, which are able to receive metadata items. The Client needed a solution enabling better application user service, and the cooperation required facing several issues: handling extensive amounts of data in a short time, combining various servers to work in a synchronized way, and building more secure code to contribute to the overall safety of the product.

One of the challenges was to provide a distributed message system that is reliable, fast, and platform agnostic. A platform-agnostic approach enables unifying the user interface across all devices, meaning it can run both in a browser and on a Node.js server (no need for two separate applications!). It would reduce the learning curve for end users and improve the change deployment process in the future.

Solution

1. Technologies

Because of the microservices structure and some of the client’s apps, some elements were built in complementary technologies (one in AngularJS, another in Angular). Similarly, Node.js was used for microservices, and the remaining elements were built in NestJS. To ensure that the product met all the requirements, we needed to use different technologies at different stages and for different modules. These were:

AngularJS

Angular 4

Express.js

Redis

MongoDB

NestJS

Axibase

Node.js

Kafka

Docker

Protractor

Ruby on Rails

Selenium

2. Microservices

When simulating the attacks, numerous microservices needed to communicate with each other and to provide feedback to the requester (asynchronously). We made sure that messages can be sent to chosen addresses (one or more), either within the local environment, in one browser, or in a global environment – between different browsers or different servers. Thanks to that, the tool can be adjusted to the specific needs of different end users. An additional microservice responsible for storing the gathered data lets them review and analyze the data anytime they need.

3. Patterns

To correctly identify the source of the simulated attack (and make sure that there is no real attack going on at the same time), the messages sent and received within the system are based on patterns. By recognizing the pattern, the system is able to tell if received messages are only the ones that were previously sent by the user.

To make sure that this solution would work for different companies, we added one more customization option. Messages can be delivered over different transport layers, such as WebSockets or Kafka, and a user can choose the one that suits their requirements best, depending on priorities such as overall performance, cost, the ability to customize it, etc.
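The delivery model described under Challenge and Patterns (match metadata items against subscriptions, deliver to subscriber functions, add, list and delete subscribers), sketched as an added TypeScript example that is not Neoteric's or RedWolf's code. `MessageRouter`, the `runId` and `kind` fields, and the pattern format (a key mapped to an exact string or a RegExp) are assumptions made for illustration.

```typescript
// Added illustration: all names are hypothetical, not the project's library API.
type Metadata = Record<string, string>;
type Pattern = Record<string, string | RegExp>;
type SubscriberFn = (item: Metadata) => void;
interface Subscription { id: number; pattern: Pattern; deliver: SubscriberFn; }
// An item matches when every pattern key is an own property whose value agrees.
function matches(pattern: Pattern, item: Metadata): boolean {
  return Object.keys(pattern).every((key) => {
    const want = pattern[key];
    const got = item[key];
    if (want === undefined || !Object.prototype.hasOwnProperty.call(item, key)) return false;
    if (typeof want === "string") return want === got;
    want.lastIndex = 0; // a /g or /y regex keeps state between calls
    return typeof got === "string" && want.test(got);
  });
}

class MessageRouter {
  private subs: Subscription[] = [];
  private nextId = 1;
  addSubscriber(pattern: Pattern, deliver: SubscriberFn): number {
    this.subs.push({ id: this.nextId, pattern, deliver });
    return this.nextId++;
  }
  listSubscribers(): number[] { return this.subs.map((s) => s.id); }
  deleteSubscriber(id: number): boolean {
    const before = this.subs.length;
    this.subs = this.subs.filter((s) => s.id !== id);
    return this.subs.length < before;
  }
  // Returns the ids that accepted the item; an empty result means nobody claimed it.
  publish(item: Metadata): number[] {
    const delivered: number[] = [];
    for (const sub of this.subs.slice()) {
      if (!matches(sub.pattern, item)) continue;
      try { sub.deliver(item); delivered.push(sub.id); } catch { /* isolate a failing subscriber */ }
    }
    return delivered;
  }
}
// Constructed sample: only the first item carries the operator's run tag and an HTTP kind.
function demo(): { claimed: number; unclaimed: number } {
  const router = new MessageRouter();
  router.addSubscriber({ runId: "run-42", kind: /^http\./ }, () => undefined);
  const items: Metadata[] = [{ runId: "run-42", kind: "http.request" },
    { runId: "run-7", kind: "http.request" }, { kind: "dns.query" }];
  const claimed = items.filter((i) => router.publish(i).length > 0).length;
  return { claimed, unclaimed: items.length - claimed };
}
```

Items that no subscription claims are the ones worth a second look: they did not carry the tag of a run the operator started.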

Result

The development team created a solution similar to a router, to the DNS, and to the network stack. It handles large amounts of data and transfers them back to storage, where users can easily access and review them. We have provided a library written in TypeScript that allows us to build more secure and more reliable code, supported with tests on our side to remove all possible bugs.

The library evolves over time and is now used in many internal and external projects to provide a distributed message system, register microservices, and deliver messages to a specific recipient. Thanks to this and other functionalities, in the long run, RedWolf’s product users benefit from an efficient and robust cyber-defense system.

The final result of the development work was a distributed message delivery system that works in production environments for many end users, including hundreds of Fortune 2000 companies. Along with the Client’s team, we created a solution that enables safe and efficient data extraction and correlation, manages relations between data and the server, and creates reports for the end users.
