Detection, Mitigation & Response

Detect and mitigate DDoS attacks in under 1 second, respond automatically, and keep your users informed.

All features →
1-Second Detection
Know the instant traffic spikes. PPS checked every second.
Attack Classification
Identifies 7 attack families with protocol-level confidence scores.
Node Firewall Rules
Per-server iptables, null-routes, CDN rules & scripts.
Cloud Scrubbing
Auto-divert to Cloudflare, OVH, or Hetzner on attack detection.
BGP Mitigation
Auto-deploy FlowSpec, RTBH blackhole & rate-limiting via BGP.
Multi-Channel Alerts
Discord, Slack, PagerDuty, OpsGenie, SMS, email, webhooks.
PCAP Capture
Full packet capture with AI-powered forensic analysis.
Layer 7 Detection
HTTP flood, credential stuffing, API abuse & bot detection.
Automated Runbooks
Chain mitigation steps into automated incident response playbooks.
Analytics Baselines Threat Intel & IOC Multi-Node Status Pages Correlation Audit Log Attack Profiles Flow Collection Mirror / SPAN Mode
Learn
Documentation Quick Start API Reference Agent Setup DDoS Protection Landscape State of DDoS 2026 REPORT Free Certifications Hackathon Sponsorships
Research & Guides
Server Nerd Comic NEW Mirai Botnet Kill Switch Research memcached Amplification Dynamic Baselines PCAP Forensics PagerDuty Setup
Company
About Us Partners Managed Protection Whitelabel / Reseller Affiliate Program Pay with Crypto System Status
Legal & Support
Contact Us Security Trust Center Terms Privacy SLA
Who Uses Flowtriq

From indie hosts to ISPs, see how teams like yours use Flowtriq to detect and stop DDoS attacks.

All Use Cases → Talk to Us →
Infrastructure
Hosting Providers ISPs MSPs/MSSPs Small Operators Routers Edge Node Defense Proxy Providers VPN Providers
Gaming & Entertainment
Game Server Hosting Game Studios Esports Platforms iGaming & Sportsbooks
Business & Emerging
SaaS Platforms E-Commerce Financial Services Compliance VoIP & Cloud Calling GPU & AI Cloud
Trust Center

AI Disclosure

Effective June 20, 2026  |  Flowtriq Networks Inc.

Our Position on AI

Flowtriq uses AI and large language models (LLMs) in specific, limited, and transparent ways. We believe you should know exactly where AI is involved in the tools you rely on to protect your infrastructure.

This disclosure covers every place where AI or machine learning is used in the Flowtriq platform, what it does, what it does not do, and what remains under human control.

Where We Use AI

Feature What AI Does What Humans Control Can Be Disabled
Incident Summaries When an attack is detected, an LLM generates a plain-language summary of the incident: what type of attack occurred, how severe it was, and what mitigation actions were taken. Detection, classification, and mitigation are entirely rule-based and algorithmic. The AI summary is generated after the fact and does not influence any detection or mitigation decisions. Yes
Notification Summaries AI-generated summaries may be included in alert notifications sent to Slack, Discord, PagerDuty, and other channels to help on-call engineers quickly understand what happened. The underlying alert data (PPS, BPS, attack family, severity, source IPs) is deterministic. The AI adds a narrative layer only. Yes
PCAP Analysis Hints When viewing PCAP captures in the dashboard, an AI model may suggest possible attack patterns based on packet characteristics. All PCAP data is raw and unmodified. AI suggestions are clearly labeled as suggestions and do not alter the captured data. Yes

Where We Do Not Use AI

The following core functions are entirely deterministic, algorithmic, and rule-based. No AI, machine learning, or LLM is involved:

  • Attack detection. Detection is based on kernel-level PPS sampling, sliding-window p99 baselines, and protocol analysis. It is not ML-based.
  • Attack classification. Classification uses packet header analysis, entropy calculations, TTL distribution, and flag inspection. Deterministic rules, not neural networks.
  • Mitigation decisions. All mitigation actions (iptables rules, BGP FlowSpec, RTBH, scrubbing announcements) are triggered by threshold-based escalation policies that you configure. No AI decides whether to mitigate.
  • Baseline calculation. Traffic baselines use a sliding-window p99 algorithm with a fixed 300-sample window and 3x multiplier. There is no ML model learning your traffic.
  • Alerting. Alert routing, severity assignment, and channel selection are rule-based. AI does not decide who gets alerted or how urgently.
  • Billing and account management. No AI involvement.
  • Data retention and deletion. Governed by fixed policies, not AI decisions.

Data and Training

  • Your data is not used to train AI models. Network telemetry, PCAP captures, incident records, and any other customer data are never used to train, fine-tune, or improve any AI or machine learning model.
  • LLM providers. AI-generated summaries are produced by third-party LLM APIs. When summaries are generated, the incident metadata (attack type, severity, PPS, duration, mitigation actions) is sent to the LLM provider. Raw packet data and source IP addresses are not sent.
  • No persistent storage by LLM providers. We use API configurations that disable training on inputs and do not retain prompts or completions beyond the API request lifecycle.

Regulatory Alignment

Flowtriq's use of AI falls within the "minimal risk" category under the EU AI Act (Regulation 2024/1689). Our AI features are assistive text generation tools that do not make autonomous decisions affecting individuals, do not process biometric data, and do not perform profiling. No high-risk AI system obligations apply to our current use.

We will update this disclosure if our use of AI changes in scope, purpose, or risk classification.

Questions

If you have questions about how Flowtriq uses AI, contact us at [email protected] or [email protected].

Flowtriq Networks Inc.  |  145 1/2 Church St, Unit 5, Office 822, Toronto, Ontario, Canada  |  Last updated: June 20, 2026