Level 3 buys Black Lotus for application layer anti-DDoS expertise

Is the DDoS market consolidating? Barriers to entry have been high for some time but the industry has another name to chalk off the list this week with the news that telecoms firm Level 3 Communications has bought one of the smaller anti-DDoS providers, Black Lotus.

Tiny Black Lotus is privately owned and so the price hasn’t and never will be revealed, but Level 3 likely paid a modest sum for a mitigation provider that has been around since 1999, long enough to count as a veteran and pioneer of the space.

Black Lotus was effectively acquired in 2013 by private equity firm, Industry Capital Advisors, which invested in the firm, which means that the sale counts as an exit for the money men who lubricate so much of today’s M&A.

Level 3 jumped into DDoS mitigation earlier this year, part of a strategy to add services to datacentre and pipes offerings that used to characterise this sector. What the firm is getting includes proxy-based mitigation to counter application-layer attacks with behavioural analytics to cope with increasingly sophisticated attack patterns.

This will be deployed to protect the sort of web hosting customers that Level 3 serves.


“Black Lotus' proxy and behavioral technologies, combined with their experienced team of DDoS experts, perfectly complements Level 3's DDoS mitigation and threat intelligence capabilities,” commented Level 3 senior vice president of managed services, Chris Richter.

“With this acquisition, Level 3 continues its commitment of investing in a comprehensive portfolio of services that enhance the growth, efficiency and security of our customers' operations, helping enterprises combat the cybersecurity challenges they face every day."

Level 3 hopes to turn itself into a credible competitor to firms such as Akamai (which bought Prolexic), VeriSign and Cloudflare. Meanwhile, DDoS tech firms such as Arbor Networks (owned by Tektronix) work at a different level of ecosystem through partnerships with networking firms such as Cisco, Juniper and IBM.

Earlier this month, Level 3 released research on the aggressive SSHPsychos botnet it collaborated to shut down in April after detecting unusual volumes of SSH traffic directed at compromised Linux servers.

Copyright © 2015 IDG Communications, Inc.

9 steps to lock down corporate browsers