Frequently Asked Questions

DDactic is an automated DDoS vulnerability assessment platform that helps organizations discover their attack surface, identify DDoS vulnerabilities, and test their defenses. We provide comprehensive reports with actionable recommendations to improve your DDoS resilience.

DDactic performs automated reconnaissance to discover your assets (domains, subdomains, IPs), analyzes your infrastructure for DDoS vulnerabilities (origin IP exposure, CDN misconfigurations, etc.), runs synthetic simulations to test your defenses, and generates detailed reports with remediation recommendations and CLI scripts.

DDactic focuses specifically on DDoS vulnerabilities that other tools miss. We discover hidden attack surfaces, test CDN bypass techniques, identify origin IP exposure, and provide actionable remediation scripts. Unlike generic vulnerability scanners, we specialize in DDoS resilience testing.

No installation required. DDactic is a cloud-based SaaS platform. You simply add your domains, and we handle the rest. We also provide a CLI tool for self-check assessments if you prefer to run scans locally.

DDactic identifies: origin IP exposure, CDN bypass vulnerabilities, unprotected assets, misconfigured WAFs, exposed API endpoints, DNS misconfigurations, and infrastructure weaknesses that could be exploited in DDoS attacks.

We use multiple techniques: DNS enumeration, certificate transparency logs, historical DNS records, subdomain discovery, IP resolution, port scanning, and infrastructure analysis. This comprehensive approach ensures we find assets you might not even know exist.

Origin IP exposure occurs when attackers can discover the real IP addresses of your servers behind a CDN. Once they have your origin IPs, they can bypass your CDN protection and attack your servers directly, rendering your DDoS protection ineffective.

Assessment time depends on the size of your infrastructure. A typical assessment for a medium-sized organization (10-50 domains) takes 24-48 hours. Large enterprises with hundreds of assets may take 3-5 days. You'll receive progress updates throughout the process.

Yes, DDactic is completely safe. We use controlled, low-volume testing that simulates attack patterns without causing disruption. All testing is performed with your explicit authorization and follows responsible disclosure practices. We never perform actual DDoS attacks.

We only collect the domains you provide and the infrastructure data discovered during assessment. We do not access your internal systems, databases, or sensitive data. All data is encrypted in transit and at rest. See our Privacy Policy for details.

All assessments require explicit authorization. We follow responsible disclosure practices, only testing systems you've authorized, and providing detailed reports directly to you. We never publicly disclose vulnerabilities without your permission.

Pricing is based on the number of domains and assets in your infrastructure. We offer flexible plans for organizations of all sizes. Contact us for a custom quote based on your needs.

Yes! We offer a limited free assessment for qualified organizations. Join our early access waitlist to be notified when trials become available.

Yes, we offer continuous monitoring plans that automatically scan your infrastructure for new vulnerabilities and changes. This helps you stay protected as your infrastructure evolves.