Mitigation is the process of reducing the impact of an ongoing incident or threat, such as a DDoS attack, system overload, or infrastructure failure, by applying targeted technical and operational measures to maintain service availability and stability.
Mitigation does not eliminate the root cause immediately; it focuses on controlling damage and preserving functionality.
What Mitigation Means in Practice
In real-world operations, mitigation involves:
- Detecting abnormal conditions or attack patterns
- Applying filters, limits, or routing changes
- Isolating affected components
- Redistributing load
- Stabilizing system behavior under stress
Mitigation is typically time-sensitive and adaptive, especially during active incidents.
Mitigation in the Context of DDoS Protection
In DDoS scenarios, mitigation includes:
- Filtering malicious traffic (L3/L4 or L7)
- Rate limiting excessive requests
- Blocking or deprioritizing suspicious sources
- Using Anycast to distribute attack load
- Rerouting traffic through scrubbing systems
The goal is to ensure that legitimate traffic continues to reach the service.
| Aspect | Mitigation | Prevention | Recovery |
| --- | --- | --- | --- |
| Timing | During incident | Before incident | After incident |
| Goal | Reduce impact | Avoid occurrence | Restore the normal state |
| Example | Traffic filtering | Security hardening | Data restoration |
Mitigation operates in the critical middle phase of incident handling.
Types of Mitigation
1. Network-Level Mitigation
- Packet filtering
- Rate limiting
- Traffic shaping
- Routing adjustments
Used primarily for volumetric or protocol-based issues.
2. Application-Level Mitigation
- Request validation
- CAPTCHA or challenge-response
- API rate limits
- Session control
Used for logic-based or L7 attacks.
3. Infrastructure Mitigation
- Load redistribution
- Scaling resources (where applicable)
- Isolating failing components
- Switching to backup systems
4. Operational Mitigation
- Manual intervention by engineers
- Adjusting configurations in real time
- Coordinating response across systems
Human decision-making is often critical in complex scenarios.
Characteristics of Effective Mitigation
- Speed: rapid response to minimize impact
- Precision: minimal disruption to legitimate traffic
- Scalability: the ability to handle large events
- Adaptability: a dynamic response to changing conditions
Poor mitigation can cause more damage than the incident itself.
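The precision point can be measured. The following is an added example, not code from this page or its provider: it replays constructed traffic through a single global rate limit and through per-source token buckets, and reports how much legitimate traffic each one admits. The class and function names, the limits (30 req/s global, 5 req/s per source) and the documentation-range addresses are assumptions chosen for illustration.

```python
from collections import defaultdict

class TokenBucket:
    """Admit `rate` requests per second, with bursts of up to `burst`."""
    def __init__(self, rate, burst):
        self.rate, self.burst = rate, burst
        self.tokens, self.last = float(burst), 0.0

    def allow(self, now):
        # Refill in proportion to elapsed time, capped at the burst size.
        self.tokens = min(self.burst, self.tokens + (now - self.last) * self.rate)
        self.last = now
        if self.tokens >= 1.0:
            self.tokens -= 1.0
            return True
        return False

def constructed_traffic(seconds=10):
    """Constructed sample: one source flooding at 200 req/s, five clients at 2 req/s."""
    events = [(ms / 1000.0, "203.0.113.50", False)
              for ms in range(0, seconds * 1000, 5)]
    for i in range(5):
        events += [(ms / 1000.0, f"198.51.100.{10 + i}", True)
                   for ms in range(i * 100, seconds * 1000, 500)]
    return sorted(events, key=lambda e: e[0])

def admitted_fraction(events, per_source):
    """Return (legitimate, flood) fractions of requests admitted by the limiter."""
    if per_source:
        # Assumed limit: each source gets its own 5 req/s budget.
        buckets = defaultdict(lambda: TokenBucket(rate=5, burst=10))
    else:
        # Assumed limit: every source shares one 30 req/s budget.
        shared = TokenBucket(rate=30, burst=30)
        buckets = defaultdict(lambda: shared)
    seen, passed = defaultdict(int), defaultdict(int)
    for now, src, legit in events:
        seen[legit] += 1
        passed[legit] += buckets[src].allow(now)
    return passed[True] / seen[True], passed[False] / seen[False]

if __name__ == "__main__":
    traffic = constructed_traffic()
    for label, per_source in (("global limit", False), ("per-source limit", True)):
        legit, flood = admitted_fraction(traffic, per_source)
        print(f"{label:17} legitimate admitted: {legit:.0%}  flood admitted: {flood:.0%}")
```

With the shared budget, the flooding source consumes almost every token and the legitimate clients are rejected along with it; with per-source budgets, the same clients are admitted in full while the flood is held to its own limit.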
What Mitigation Is Not
❌ Not a permanent fix
❌ Not a guarantee of zero negative impact
❌ Not fully automatic in all cases
❌ Not a substitute for proper architecture
❌ Not equivalent to prevention
Mitigation manages incidents, but it does not eliminate their causes.
Business Value of Mitigation
For clients:
- Continued service availability during incidents
- Reduced downtime and revenue loss
- Protection of user experience
- Confidence in incident handling
For providers:
- Demonstrates operational maturity
- Requires strong monitoring and response capabilities
- Reflects real-world infrastructure resilience
Our Approach to Mitigation
We treat mitigation as:
- A core operational capability, not a feature
- A combination of:
  - Network engineering
  - Monitoring systems
  - Real-time response
  - Human expertise
We ensure:
- Early detection of abnormal behavior
- Controlled and precise response actions
- Minimal impact on legitimate traffic
Mitigation works when systems are prepared in advance, and engineers are ready to act in real time.