HTTP/2 protocol flaw enables attackers to exploit the CONTINUATION feature, causing denial-of-service (DoS) attacks that can bring down servers with just a single connection.
Cybersecurity Alert: Addressing the HTTP/2 CONTINUATION Vulnerability
Radware DDoS Protection Services offer you a solution:
According to Radware’s findings, the HTTP/2 CONTINUATION attack can be effectively mitigated using DefensePro with a Layer 7 Cookie Challenge. This defense mechanism prevents attackers from bypassing security measures, as DefensePro seamlessly switches to HTTP/1, where such attacks cannot be executed.
Radware Cloud Services have signatures for detecting HTTP/2 connections that continuously send large header information without an end, and offer an additional layer of defense against potential attacks.
Caution is advised when implementing END_HEADERS bit monitoring on the web servers themselves while a connection is being established: there may be false positives, and the configuration process for this step needs further clarification.
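As an added illustration (not Radware's signature logic and not code from this alert), the sketch below walks HTTP/2 frames and flags a header block that keeps growing without END_HEADERS. It decides on size and frame-count thresholds rather than on the missing flag alone, since legitimate large headers also span CONTINUATION frames; the thresholds, function names and sample frames are assumptions constructed for the example.

```python
import struct

HEADERS, CONTINUATION = 0x1, 0x9   # HTTP/2 frame types (RFC 9113)
END_HEADERS = 0x4                  # flag that closes a header block
MAX_BLOCK_BYTES = 64 * 1024        # assumed limit, tune per application
MAX_CONT_FRAMES = 16               # assumed limit, tune per application

def frame(ftype, flags, stream_id, payload):
    """Build one frame: 24-bit length, type, flags, 31-bit stream id."""
    n = len(payload)
    return struct.pack(">BHBBI", n >> 16, n & 0xFFFF, ftype, flags,
                       stream_id & 0x7FFFFFFF) + payload

def parse_frames(data):
    """Yield (type, flags, payload_len) for each complete frame."""
    off = 0
    while off + 9 <= len(data):
        hi, lo, ftype, flags, _sid = struct.unpack_from(">BHBBI", data, off)
        length = (hi << 16) | lo
        if off + 9 + length > len(data):
            break                  # truncated capture, stop here
        yield ftype, flags, length
        off += 9 + length

def inspect(data):
    """Return 'ok', 'open' (block not closed yet) or 'flood'."""
    in_block, size, conts = False, 0, 0
    for ftype, flags, length in parse_frames(data):
        if ftype == HEADERS:
            in_block, size, conts = True, length, 0
        elif ftype == CONTINUATION and in_block:
            size, conts = size + length, conts + 1
        else:
            continue
        # Thresholds decide, not the missing flag by itself.
        if size > MAX_BLOCK_BYTES or conts > MAX_CONT_FRAMES:
            return "flood"
        if flags & END_HEADERS:
            in_block = False
    return "open" if in_block else "ok"

# Constructed samples (frames after the connection preface, stream 1).
def sample_legit():
    return (frame(HEADERS, 0, 1, b"a" * 16000)
            + frame(CONTINUATION, 0, 1, b"a" * 16000)
            + frame(CONTINUATION, END_HEADERS, 1, b"a" * 100))

def sample_flood():
    return frame(HEADERS, 0, 1, b"x" * 10) + frame(CONTINUATION, 0, 1, b"x" * 1024) * 40

if __name__ == "__main__":
    print(inspect(sample_legit()), inspect(sample_flood()))
```

The legitimate sample contains two frames without END_HEADERS and still passes, which is the false-positive case a flag-only monitor would trip on.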
Expert Assistance: Consider reaching out to Kaloyan Kolev (professional profile on our website: https://lnkd.in/dpVRgZc6) for expert guidance on addressing cybersecurity vulnerabilities.