Which level of DoS protection is best to start off with for a startup building a social network from the ground up?

The reality is "reputable" growth hackers - aren't sitting around on freelance sites waiting for you to hire them. If they are good, they are either (very) gainfully employed at a reputable company making very good salaries or more likely using our super powers to create multimillion dollar companies. So the bad news is there is no platform where you can hire reputable growth hackers BUT here is what you can do: You can borrow some of their time on here for just a few dollars a minute and learn what you need to learn to do it yourself (or at least get started) or find courses to learn "growth hacking" yourself. Get the tips, learn the techniques, tons of free resources and sites too. Unfortunately there are no silver bullets and very seldom magic hires that will suddenly get you growth. It's a painful, iterative long process. And the term growth hacker is very broad. Some of us can help you with SEO/SEM, email list building, partnerships and PR (I'm heavily specialized in PR). TL:DR Talk to specialized growth hackers, learn, and apply the techniques yourself.

Distil Networks is more like a CDN (Content Delivery Network), so every traffic to customers website should pass through Distil server. In other words you have to point your DNS to their CDN (that can potentially bring down your site). They keep analyzing your website through out and if the traffic is found malicious they block. As you asked about competitors, ShieldSquare as a potential alternative, offers following benefits over Distil: Non-intrusive API integration that will not affect your website performance and uptime. Zero False Positives that will ensure that your genuine users are never troubled. I can offer more direction if I know more about your environment. Best Regards, Steven

Well if you built the app then I would suggest add a means to allow the community to flag inappropriate messages, then start banning the responsible users.

There are many security standards you can "certify" your datacenter with, such as NIST or ISO. You can read more about them here: http://en.wikipedia.org/wiki/Cyber_security_standards In addition there are some SSL and Antivirus vendors who provide "security badges" that can be embedded to your website and prove that your DNS domain and SSL certificate are valid. Having said that, If you are serious about security and want to leverage that as a competitive advantage you would probably have to implement deep security measures. You could then publish these measures in a whitepaper that can be shared with your clients. You can refer to what Amazon have published regarding their AWS product: https://media.amazonwebservices.com/pdf/AWS_Security_Whitepaper.pdf Guy

Having worked a consultant with global consulting firms and served over fifty of the Fortune 500 companies, I have been a consultant for over 15 years. Although the type of work will vary, consultants need to know why they are being hired. What does your client expect from you? If consultants are armed with that knowledge, they can best apply their skills. I have seen many consultants who jump right into the problem without understanding the context of why they were hired and what success will look like from the client's perspective. A very specific visual that I use is to imagine what the bullet point on my resume needs to look like after I am done. What am I going to do for the client that they can measure and be happy with that I can put down as an example my advice had on the organization. Once I have that in mind, I make sure the client wants that too and the rest is just doing my job. Another thing that consultants may need to know is the type of company culture. If the organization has a lot of certain types of folks, like passive decision makers, the approach to take will accommodate this. The culture of an organization can shed a lot of light on what a consultant can realistically accomplish, especially as the consultant's approach and personality will have an effect on how successful they can be in that organization. I have worked with some organizations where I was not a good fit, while others made working together easy. Being aware of the culture can help the consultant modify their approach accordingly and even know when they may not be the best fit. It is a mature sign for a consultant to read the problem well enough to know that they are not the best person for the job.