Cloudflare DDoS Attack Types and Mitigation Course

20 hours
Overview

This Cloudflare DDoS Attack Types and Mitigation course covers the types of DDoS attacks (volumetric, protocol and application-layer), how they affect modern infrastructure, and mitigation strategies that use the capabilities of the Cloudflare platform (and complementary tools). Participants will learn to identify attack vectors, design multi-layer defenses, apply WAF rules, rate limiting, bot management, Magic Transit and “Under Attack” actions, and build incident response playbooks focused on resilience and business continuity.

Objective

Upon completing this course, the participant will be able to:

  • Understand and classify the main types of DDoS (volumetric, protocol and application-layer).
  • Design a layered defense to protect applications from malicious traffic.
  • Configure and apply mitigation policies in Cloudflare: rate limiting, WAF managed rulesets, bot management, Under Attack mode and Magic Transit.
  • Monitor and respond to DDoS incidents with playbooks, metrics and integration with observability systems (logs, metrics and alerts).
Target Audience
  • Security professionals (SOC), network/cloud engineers, infrastructure administrators, solution architects, SREs and DevOps who need to protect web services, APIs and infrastructure against DDoS attacks.
Prerequisites
  • Basic knowledge of networking (TCP/IP), HTTP and web application architecture.
  • Familiarity with cloud (AWS/Azure/GCP) and experience with DNS and load-balancing configuration.
  • Desirable: prior experience with firewalls/IDS or CDNs.
Materials
Portuguese + Exercises + Hands-on Lab
Course Content

Module 1: DDoS Fundamentals

  1. Definition and goals of DDoS attacks
  2. Categories: volumetric, protocol, and application-layer attacks
  3. Common vectors: UDP/TCP floods, SYN/ACK floods, DNS amplification, HTTP floods, Slowloris, and botnets
  4. Impact on availability, latency, and downstream services.

Module 2: Anatomy of a DDoS Attack

  1. Attack lifecycle and reconnaissance techniques
  2. Measuring attack scale: bps, pps and connections/s
  3. Multi-vector attacks and layered escalation strategies
  4. Case studies of large-scale attacks and lessons learned.

Module 3: Cloudflare Platform Capabilities

  1. Overview of Cloudflare’s DDoS protection approach and global edge network capacity.
  2. Network-layer protections (L3/L4) and managed rulesets.
  3. Application-layer protections, WAF, managed rules and rate limiting.

Module 4: Practical Mitigations — Configuration and Tuning

  1. Implementing rate limiting and thresholds for APIs and login endpoints.
  2. Creating WAF rules (managed + custom) and API sequencing rules.
  3. Bot Management: detection, challenge flows and automated blocking
  4. Using “Under Attack” mode for high-risk L7 surges and Magic Transit for network-level defenses.

Module 5: Edge + Origin Resilience

  1. Traffic filtering at edge vs origin hardening (rate limits, connection limits, autoscaling)
  2. Origin protection during onboarding: shielding the origin with Cloudflare and configuring health checks
  3. DNS best practices to minimize DNS amplification and DNS floods.

Module 6: Observability and Incident Response

  1. Key telemetry: traffic baselines, anomaly detection, pps/bps/response time dashboards
  2. Integrating Cloudflare logs with SIEM, Prometheus/Grafana and alerting rules
  3. Runbooks and incident playbooks: mitigation steps, safe rollback and communication templates.

Module 7: Hands-On Labs

  1. Lab 1: Simulating a traffic spike (safe, synthetic) and applying rate limiting + WAF rules.
  2. Lab 2: Configuring Bot Management and validating challenge flows.
  3. Lab 3: Enabling Under Attack mode and observing mitigation behavior.
  4. Lab 4: Integrating Cloudflare logs with a SIEM (demo) and creating Grafana dashboards.

Module 8: Advanced Topics & Best Practices

  1. Multi-cloud and hybrid scenarios: protecting services across providers
  2. Cost vs. protection trade-offs; SLA considerations and vendor selection
  3. Legal, forensics and attribution basics after a large-scale DDoS event
  4. Preparing long-term resilience: progressive hardening and table-top exercises.