How to Start Making a DDoS Response Plan

By   ISBuzz Team
Writer , Information Security Buzz | Oct 29, 2014 04:04 pm PST

Some organizations exhibit strange behavior today when it comes to distributed denial of service (DDoS) attacks. DDoS assaults are becoming more common, increasingly sophisticated, and more costly all the time. Yet organizations continue to rely on the same dated firewall solutions they have always used to protect themselves.

Featured Download: Social media access at work. Do your employees know the rules?

It’s clear they need a new strategy to update their DDoS response plan. However, developing such a plan can be a difficult proposition, particularly for organizations that have spent years ignoring the possibility of DDoS attacks.

This is where the Incapsula’s new DDoS Response Playbook can help.

This ebook is filled with useful guidance to help prepare your organization for the current threat landscape—no matter what your present DDoS mitigation strategy looks like. It also helps you in creating a plan if you don’t already have one.

The playbook teaches you how to prepare for a DDoS attack, what to do if one hits, and how to ultimately respond to it.

Here is a brief look at a few of the things you’ll learn from this document.

What Are DDoS Attacks, and Why Should You Be Worried About Them?

For the uninitiated, all the hype surrounding DDoS attacks may seem excessive.

However, after reading the playbook, you’ll come away with a better understanding of what a DDoS attack is, how different types of assaults work, and how much one could cost your organization—in relation to both financial and non-financial losses.

As a result, you’ll grasp why it’s so important to make sure your organization is adequately prepared.

How Do You Prepare Your Organization For a DDoS Attack?

The playbook lays out a four-step DDoS preparation process:

– Create a response team – Establish who will respond to an attack so as to minimize confusion.
– Develop a response plan – Determine who does what post-attack to maximize efficiency and minimize your response time.
– Perform a risk assessment – Knowing where the risk is greatest is the first step toward addressing that risk.
– Identify single points of entry – Find vulnerable spots in your network in order to protect them.

Potential DDoS Targets

How Can Your ISP Help Prepare For DDoS Attacks?

Partnering with your ISP is an integral step in proper DDoS preparedness. Incapsula’s playbook tells you how to create an effective partnership to help you more effectively test and maintain your network.

You’ll also learn the steps to take and questions to ask in order to make your ISP partnership a reality.

What Technological Capabilities Should You Consider?

Creating an effective DDoS response plan requires an understanding of potential solutions as they pertain to:

– Detection – You must know an attack is underway in order to quickly respond to it.
– Time to mitigation – An effective DDoS solution must offer a time to mitigation that best meets your organization’s needs.
– User classification – Your plan must include an effective way of differentiating between bad bots and legitimate users.
– Web application firewall – You may require a WAF to protect you from application-level threats.

How Should You Respond During A DDoS Attack?

You’ll find useful details in Incapsula’s playbook regarding all steps you should take during a DDoS attack, including:

– How to organize your war room
– How to maintain clear, open communication
– How to respond to ransom notes and other threats
– How to address the attack with customers, employees, and the media

What Should You Do After an Attack?

Once an attack has passed, it’s important to conduct a post-mortem analysis to assess damage and learn what you can do to mitigate future assaults.

Incapsula’s playbook includes details as to what to do after an attack—including how to handle possible legal disclosures.


Preparing for a DDoS attack and creating a response plan is a necessary part of protecting your organization from criminals, activists, and even competitors who might benefit from bringing down your web presence.

If you’re in need of an excellent resource to help you get started with your DDoS response plan, download the Incapsula DDoS Response Playbook here.

By Tim Matthews, Vice President of Marketing, Incapsula

About Incapsula

Incapsula_logoIncapsula’s cloud-based Application Delivery service enables businesses to simplify their IT operations and reduce costs by consolidating multiple appliances and services into a single cloud solution. Enterprises get best-of-breed security, load balancing, failover and a global CDN, without having to deploy, manage and integrate separate products.

Notify of
0 Expert Comments
Inline Feedbacks
View all comments

Recent Posts

Would love your thoughts, please comment.x