Security Beginner

What is DDoS (Distributed Denial of Service)?

An attack that floods a target server or network with traffic from multiple sources to overwhelm it and deny service to legitimate users.

DDoS attacks use thousands of compromised devices (botnets) to generate massive traffic volumes. Types include volumetric attacks (flood bandwidth), protocol attacks (exploit protocol weaknesses), and application layer attacks (target specific services).

Mitigation includes CDN/DDoS protection services (Cloudflare, AWS Shield), rate limiting, geo-blocking, traffic analysis, and over-provisioning. DDoS attacks are common and can target any internet-facing service. Protection should be part of every production architecture.

Related Terms

Secret Management

The practice of securely storing, accessing, and rotating sensitive credentials like API keys, passwords, and certificates.

A systematic examination of an information system to assess compliance with security policies, identify vulnerabilities, and verify controls.

Data Loss Prevention (DLP)

A strategy and set of tools that detect and prevent unauthorized transmission of sensitive data outside an organization.

An attack where malicious SQL code is inserted into application queries through user input to access or manipulate the database.

Webhook Signature Verification

A security mechanism that verifies webhook payloads are authentic and unmodified using cryptographic signatures.

Security Headers

HTTP response headers that instruct browsers to enable security features like XSS protection, framing prevention, and content type enforcement.

View All Security Terms →