As we continue our Low End Box Interview Series, today we are talking to Matthew Heard, Chief Executive Officer of X4B, the DDOS Specialists. So, let’s get started with the interview!
Tell me about your background and your company’s history?
First prototyped in 2010 and commercialised in 2013 we have been providing protection for our customers for over 5 years. I first started development in this space to provide cost effective protection for my own web properties in a time where low cost mitigation options were few and far between and rarely effective. Since then we have evolved this technology to where we are today a leader in this bracket with our own Anycast network (AS13615) and mitigation engines.
DDOS Protection is a tough market, how have you succeeded?
Adaptability and perseverance. A robust mitigation solution is not something you developed over the course of a night, month or even a year. It takes years of battle testing against threat actors of all kinds to get to where we are today. Every day new threats evolve to push the limits of existing mitigation strategies and technologies, however with years of technological investment behind us we are well placed to respond quickly.
Where do you think the future takes the hosting industry?
Many challenges for providers across the hosting space (from shared to dedicated) are going to present themselves over the next few years. The biggest challenge I see is the growth of large ‘cloud’ providers. These providers make it more challenging for smaller players to get started and establish a stable foothold. The hosting space has often been innovative and it’s my hope that this does not lead to a reduction in innovation.
On the DDoS front I see attacks continuing to become more accessible and more complex attacks (even hybrid attacks) becoming more common. This will necessitate protection for nearly all sites and services available. This may also make it difficult for many extremely low cost providers to continue to operate as the costs of developing mitigation strategies for hybrid attacks is often beyond their budgets.
What makes your company unique in today’s evolving market landscape? How are you evolving with the times?
There is no place for stagnation in this field, already this year we have developed mitigation for 2 completely new attacks and a few older classes with a new twist. For example this current health crisis is presenting its own challenges with a significant increase in ‘booter` attacks being observed. We attribute this to a large percentage of the source demographic being home and away from education and work.
What do you enjoy most about your role? What do you find most difficult?
Personally I enjoy solving complex challenges for our customers and the moment of triumph you get from successfully mitigating a purpose-built or hybrid threat is second to none.
The most difficult aspect is usually the hours. This job demands a lot and is difficult to provide as a SMB. We are expected to be able to solve every problem at any time, it’s not a job you can easily get a holiday from. attack peaks often co-inside with major holidays (Christmas, Easter, etc) which can be very inconvenient to life events.
Over time how have you seen DDOS attacks evolve to continue to stay a threat?
When we got started there was little variety in attacks. Most attacks where SYN floods or DNS Amplification. Most protected networks solved the latter by entirely blocking UDP traffic and the former by rate-limiting new connections. Now responses are much more complex and tailored. For example modern demands require mitigation systems tested against thousands of attack patterns and with specific responses to in all cases to minimise impact.
Going into the future I see DDoS attacks continuing to get more complex, favouring complexity over pure volume. Volume through amplification will continue to remain a threat for those without mitigation. However for those with protection simple volumetric attacks will continue to be easily protected through basic ACLs at the transit or mitigation providers levels.
Complex attacks, such as attacks launched from compromised fleets of mobile phones, IOT devices or routers (botnet) with traffic resembling real user interactions already happen and this style of attack will continue to become more common place. The difficulties of detecting these attacks and accurately mitigating them will continue to present many challengers to mitigation providers.
Give us some details on new and exciting things you are working on?
It’s a very exciting time for us at X4B. Every 2-3 years we do a major upgrade of the filtering nodes and that’s happening for us in May. With that out we will be able to start rolling out major features many of which were developed over this period but held back due to blocks. For example this includes commonly requested features such as custom (user) Layer 3–5 rules and mitigation support for more Layer 7 protocols.
Why should customers trust you and your business?
With 10 years of R&D behind us and a plan encompassing both short and long term goals we aren’t some fly by night. We will be here for you and solving your problems be they big or small now and into the future.
How has the Low End Box and Low End Talk community impacted your business and its growth?
Originally just a place to hang out with likeminded individuals, Low End Talk has been a consistent part of my life for many years. Although from a business perspective we aren’t that big here as we don’t directly sell VPS or Dedicated server. As we sell services that compliment those offered by others suppliers here have always been popular and we hope for that to continue into the future.
Final thoughts and anything you would like to add?
2020 is shaping up to be a challenging year in many respects. While you are at home, perhaps consider making the most of the additional time you have to learn a new skill or build that project that you have been putting off. Most importantly we should always remain positive that regardless of circumstances we will prevail through these tough and uncertain times.
Check out X4B by clicking their banner below!