Detection, Mitigation & Response

Detect and mitigate DDoS attacks in under 1 second, respond automatically, and keep your users informed.

All features →
1-Second Detection
Know the instant traffic spikes. PPS checked every second.
Attack Classification
Identifies 8 attack types with protocol-level confidence scores.
Node Firewall Rules
Per-server iptables, null-routes, CDN rules & scripts.
Cloud Scrubbing
Auto-divert to Cloudflare, OVH, or Hetzner on attack detection.
BGP Mitigation
Auto-deploy FlowSpec, RTBH blackhole & rate-limiting via BGP.
Multi-Channel Alerts
Discord, Slack, PagerDuty, OpsGenie, SMS, email, webhooks.
PCAP Capture
Full packet capture with AI-powered forensic analysis.
Layer 7 Detection
HTTP flood, credential stuffing, API abuse & bot detection.
Automated Runbooks
Chain mitigation steps into automated incident response playbooks.
Analytics Baselines Threat Intel & IOC Multi-Node Status Pages Correlation Audit Log Attack Profiles Flow Collection
Learn
Documentation Quick Start API Reference Agent Setup DDoS Protection Landscape State of DDoS 2026 REPORT Free Certifications NEW
Research & Guides
Mirai Botnet Kill Switch Research memcached Amplification Dynamic Baselines PCAP Forensics PagerDuty Setup
Company
About Us Partners Managed Protection Whitelabel / Reseller Affiliate Program Pay with Crypto System Status
Legal & Support
Contact Us Security Trust Center Terms Privacy SLA
Who Uses Flowtriq

From indie hosts to ISPs, see how teams like yours use Flowtriq to detect and stop DDoS attacks.

Talk to Us →
Infrastructure
Hosting Providers ISPs MSPs/MSSPs Small Operators Routers Edge Node Defense
Gaming
Game Server Hosting Game Studios
Business
SaaS Platforms E-Commerce Financial Services Compliance
Managed Protection

Don't Have a NOC?
We'll Be Your NOC.

On-call DDoS analysts who know your network. Powered by Flowtriq's detection platform and staffed by certified security professionals from our partner network. We monitor, respond, and tune. You sleep.

How It Works

Three steps to peace of mind

We Watch

Our analysts monitor your Flowtriq dashboard and alerts. Every alert is reviewed. Auto-mitigation successes are logged, anomalies are flagged, and nothing slips through.

We Respond

When auto-mitigation needs human judgment, we're already on it. Threshold tuning, BGP escalation decisions, firewall adjustments, scrubbing provider coordination. Handled before you even know there's an incident.

We Report

Post-incident summaries with what happened, what we did, and what we recommend. Monthly tuning reports. Quarterly security reviews on higher tiers. All delivered to your inbox.

Service Tiers

Choose your level of coverage

Watch
$499/mo
CoverageBusiness hours
Mon-Fri 8am-8pm ET
MonitoringAlert review + triage
Incident responseAlert forwarding with context + recommendations
Response timeNext business hour
TuningMonthly threshold review
ReportingMonthly summary
CommunicationEmail
OnboardingSetup guide + config review
Get Started Talk to Us
MOST POPULAR
Respond
$1,499/mo
Coverage24/7 on-call
MonitoringActive monitoring + response
Incident responseAnalyst takes action: adjusts mitigation, escalates BGP, coordinates scrubbing
Response time15 minutes
TuningMonthly tuning + optimization
ReportingMonthly + post-incident
CommunicationEmail + Slack/Teams
Onboarding1-hour call + architecture review
Get Started Talk to Us
Dedicated
$3,999/mo
Coverage24/7 on-call
MonitoringNamed analyst assigned to your network
Incident responseCustom runbook execution: your analyst knows your topology and escalation preferences
Response time5 minutes
TuningContinuous tuning + proactive threat hunting
ReportingMonthly + post-incident + quarterly review
CommunicationEmail + Slack/Teams + direct phone line
OnboardingDedicated onboarding + full architecture review + custom runbook
Get Started Talk to Us

All tiers available monthly with no commitment. Annual billing saves 20%. No long-term contracts.

Every Tier

Included in every plan

Analyst access via your existing Flowtriq "Analyst" RBAC role: read/write on detection and mitigation, zero access to billing or account settings
All analyst actions logged in Flowtriq's tamper-evident audit trail (SHA-256 hash-chained)
Custom escalation contacts: tell us who to call, how, and when
Integration with your existing alerting setup (PagerDuty, OpsGenie, Slack, etc.)
No long-term contracts: month-to-month available on every tier

Onboarding

How we get you set up

Every engagement starts with a structured onboarding process so our analysts know your network before the first alert fires.

1

Network Architecture Review

We document your topology, critical IPs, acceptable-loss IPs, and preferred mitigation approach.

2

Runbook Creation

Per-scenario response procedures. Example: "If attack on IP range X, escalate to FlowSpec. If attack exceeds Z Gbps, coordinate with scrubbing provider."

3

Escalation Contacts

We confirm who to contact, via what channel, and under what circumstances.

4

Analyst Access Provisioned

Your Flowtriq Analyst RBAC role is set up for our team. Alert routing to our on-call rotation is confirmed.

5

Baseline Validation

We review your detection thresholds and baseline data to make sure everything is tuned correctly.

6

Test Incident

We trigger a test incident and walk through the full response workflow to validate the entire chain.

7

Signoff

You review and approve the runbook. We go live.

Estimated onboarding time: Watch: 1-2 days · Respond: 2-3 days · Dedicated: 3-5 days

Use Cases

Who this is for

Hosting Providers

You don't have a 24/7 NOC but your customers expect 24/7 protection. We fill the gap.

Game Server Hosts

Your players leave when they lag. They don't come back when your server goes down. Our analysts respond faster than you can wake up.

Small ISPs

Your 1-2 person team can't watch the network around the clock. Our analysts can.

MSPs

Offer "managed DDoS protection" to your clients without building your own SOC. White-label available.

FAQ

Common questions

Who are the analysts?

Certified network security professionals from our partner network, including Lorikeet Security. Experienced in DDoS incident response, BGP operations, and network forensics.

What access do analysts have to my account?

Analysts use Flowtriq's Analyst RBAC role. They can view dashboards, modify detection thresholds, adjust firewall rules, and trigger BGP announcements. They cannot access billing, API keys, user management, or account settings. Every action is logged in a tamper-evident audit trail.

Can I keep self-managing and only use the SOC for overflow?

Absolutely. The Watch tier is designed for exactly this. We review alerts and send you context and recommendations, you decide what to do. You stay in control.

What if I need to change my runbook?

You can update your runbook at any time. On the Dedicated tier, your named analyst proactively suggests runbook improvements based on observed attack patterns.

Can I upgrade or downgrade tiers?

Yes, at any time. No penalties.

Do I need to be on a specific Flowtriq plan?

No. The managed service works with any Flowtriq plan: node-based, flow-based, or both.

What happens during an attack outside business hours on the Watch tier?

Flowtriq's auto-mitigation still runs 24/7. On the Watch tier, analyst review happens next business day. If you need 24/7 analyst response, upgrade to Respond.

Get Started

Ready to Sleep Through the Next Attack?

Let our analysts worry about DDoS so you don't have to. Month-to-month, cancel anytime.

Get Started → Talk to Our Team