DDoS

Definition

Distributed Denial of Service - attack that overwhelms a service with traffic from many sources, disrupting normal operations and causing downtime.

Use Cases

Provider Equivalents

Frequently Asked Questions

What's the difference between a DDoS attack and a DoS attack?
A DoS (Denial of Service) attack usually comes from a single source trying to overwhelm a target. A DDoS (Distributed Denial of Service) attack comes from many sources at once (often a botnet), making it harder to block because the traffic is spread across many IPs and locations.
When should I use DDoS protection?
Use DDoS protection if your service is internet-facing (websites, APIs, gaming, e-commerce, SaaS), if downtime would be costly, or if you’ve seen suspicious traffic spikes. It’s especially important when you run behind public load balancers, have fixed bandwidth limits, or must meet availability/security requirements.
How much does DDoS protection cost?
Costs depend on the provider and the level of protection. Some baseline DDoS defenses are included with cloud platforms, while advanced tiers add monthly fees and may include features like enhanced detection, cost protection, and response support. You may also pay indirectly for attack traffic via bandwidth, load balancer, or logging/monitoring charges, so pricing factors include traffic volume, protected resources, and whether you need advanced WAF/rate-limiting features.

Category: security

Difficulty: intermediate

See Also