Loading...
Answers
MenuWhich level of DoS protection is best to start off with for a startup building a social network from the ground up?
This question has no further details.
Answers
Denial of Service protection is a key component of your perimeter defense along with your firewall, intrusion detection/prevention and continuous monitoring.
There are several managed service providers that you can choose from. The first vendor you should contact is your Internet Service Provider (ISP), they may have DoS services available as a component of your contract or they will have DoS providers they partner with.
Once you have identified the services your provider offers or the DoS protection partners they have you can evaluate which is best for you.
If you have more questions on this or other security, data protection or regulatory requirements, PCI may be important for you, feel free to let me know.
Best of luck in your venture!
-Steven
For a startup, I'd suggest at a minimum you use a CDN like Fastly or Cloudflare in front of your application to prevent basic DDoS attacks. In addition, you'll need to pay particular attention to rate-limiting your login and registration APIs/forms so that you won't have bot attacks and brute-force attacks against your site. The CDN's usually don't provide rate-limiting so you may want to use something like Amazon AWS's functionality for this.
Related Questions
-
How can I block inappropriate messages in a social media app?
Well if you built the app then I would suggest add a means to allow the community to flag inappropriate messages, then start banning the responsible users.Demitrious JacksonDJ
-
What should you do when your business has been hacked and is being defamed online?
In a word: Forensics. Computer forensics is the art of examining a system and determining what happened upon it previously. The examination of file and memory artifacts, especially file timelines, can paint a very clear picture of what the attacker did, when they did it, and what they took. Just as an example - given a memory dump of a Windows system, it is possible to extract not only the command lines typed by an attacker, but also the output that they saw as a result of running those commands. Pretty useful in determining impact, eh? Depending on the freshness of the compromise, it's possible to tell quite a lot about what happened.Christian FosterCF
-
Which CDN would you recommend for bot detection?
Distil Networks is more like a CDN (Content Delivery Network), so every traffic to customers website should pass through Distil server. In other words you have to point your DNS to their CDN (that can potentially bring down your site). They keep analyzing your website through out and if the traffic is found malicious they block. As you asked about competitors, ShieldSquare as a potential alternative, offers following benefits over Distil: Non-intrusive API integration that will not affect your website performance and uptime. Zero False Positives that will ensure that your genuine users are never troubled. I can offer more direction if I know more about your environment. Best Regards, StevenSteven ParkerSP
-
We're developing a web product with a team of 10 developers. How can I protect my source code if anyone leaves the company?
If you're using source control, it's easy to track source and control access — or revoke access — if someone leaves the company. Also, your developers should have signed a contract about the project itself that clearly places the source code under your/the client's/the company's control, and if/when they leave, they release all rights to code created under that contract. You can never be 100% sure, but these small steps will at least ensure a legal high ground should anyone steal code. Good luck!Jason LengstorfJL
-
We need to certify our start up with the best , most advanced healthcare information security vendors. Any ideas of the best start ups or ways to go?
There are many security standards you can "certify" your datacenter with, such as NIST or ISO. You can read more about them here: http://en.wikipedia.org/wiki/Cyber_security_standards In addition there are some SSL and Antivirus vendors who provide "security badges" that can be embedded to your website and prove that your DNS domain and SSL certificate are valid. Having said that, If you are serious about security and want to leverage that as a competitive advantage you would probably have to implement deep security measures. You could then publish these measures in a whitepaper that can be shared with your clients. You can refer to what Amazon have published regarding their AWS product: https://media.amazonwebservices.com/pdf/AWS_Security_Whitepaper.pdf GuyGuy BalzamGB
the startups.com platform
Copyright © 2025 Startups.com. All rights reserved.
