Detection, Mitigation & Response

Detect and mitigate DDoS attacks in under 1 second, respond automatically, and keep your users informed.

All features →
1-Second Detection
Know the instant traffic spikes. PPS checked every second.
Attack Classification
Identifies 8 attack types with protocol-level confidence scores.
Node Firewall Rules
Per-server iptables, null-routes, CDN rules & scripts.
Cloud Scrubbing
Auto-divert to Cloudflare, OVH, or Hetzner on attack detection.
BGP Mitigation
Auto-deploy FlowSpec, RTBH blackhole & rate-limiting via BGP.
Multi-Channel Alerts
Discord, Slack, PagerDuty, OpsGenie, SMS, email, webhooks.
PCAP Capture
Full packet capture with AI-powered forensic analysis.
Layer 7 Detection
HTTP flood, credential stuffing, API abuse & bot detection.
Automated Runbooks
Chain mitigation steps into automated incident response playbooks.
Analytics Baselines Threat Intel & IOC Multi-Node Status Pages Correlation Audit Log Attack Profiles Flow Collection Mirror / SPAN Mode NEW
Learn
Documentation Quick Start API Reference Agent Setup DDoS Protection Landscape State of DDoS 2026 REPORT Free Certifications NEW
Research & Guides
Mirai Botnet Kill Switch Research memcached Amplification Dynamic Baselines PCAP Forensics PagerDuty Setup
Company
About Us Partners Managed Protection Whitelabel / Reseller Affiliate Program Pay with Crypto System Status
Legal & Support
Contact Us Security Trust Center Terms Privacy SLA
Who Uses Flowtriq

From indie hosts to ISPs, see how teams like yours use Flowtriq to detect and stop DDoS attacks.

Talk to Us →
Infrastructure
Hosting Providers ISPs MSPs/MSSPs Small Operators Routers Edge Node Defense
Gaming
Game Server Hosting Game Studios
Business
SaaS Platforms E-Commerce Financial Services Compliance
Legal & Compliance

Privacy Policy

Effective: May 12, 2026  ยท  Questions? legal@flowtriq.com

Terms of Service Privacy Policy Data Processing Agreement Service Level Agreement
Summary: We collect only what we need to operate the service. We do not sell your data. You can request deletion at any time.

1. Information We Collect

Account Data

Name, email address, company name, and billing information collected at registration.

Network Telemetry

PPS, BPS, protocol ratios, connection counts, and attack metadata submitted by the ftagent running on your servers. This data is processed to detect DDoS incidents.

PCAP Files

If PCAP capture is enabled, packet captures are transmitted by the agent and stored for 7 days (standard plans) or up to 365 days (enterprise plans).

Usage Data

Log data, dashboard activity, and API call metadata used to operate and improve the service.

2. How We Use Data

  • Detect and respond to DDoS incidents on your infrastructure.
  • Provide and maintain the Flowtriq dashboard and API.
  • Send incident alerts and service notifications.
  • Process billing through Stripe (we do not store card data).
  • Improve detection accuracy and service reliability.

3. Data Sharing

We do not sell your data. We share data with:

  • Stripe: payment processing.
  • Google Analytics & Google Ads: website traffic analysis and advertising conversion measurement.
  • Microsoft Clarity: session recordings, heatmaps, and usage analytics to understand how visitors interact with the site.
  • Meta (Facebook) Pixel: advertising conversion tracking and audience measurement.
  • LinkedIn Insight Tag: advertising conversion tracking and aggregate website visitor demographics.
  • Reddit Pixel: advertising conversion tracking and campaign measurement.
  • Contentsquare: user experience analytics including session replay and interaction mapping.
  • Apollo.io: B2B visitor identification and sales intelligence.
  • Infrastructure providers: hosting and storage under data processing agreements.
  • Law enforcement, when required by applicable law.

4. Data Retention

Metric data (PPS/BPS) is retained for 25 hours in raw form and up to 90 days in aggregated form. PCAP files are retained for 7 days (standard plans) or up to 365 days (enterprise plans). Account data is retained while your account is active and deleted immediately upon account deletion.

5. Your Rights

You may request access, correction, or deletion of your personal data by emailing privacy@flowtriq.com. We will respond within 30 days.

6. Security

All data is encrypted in transit (TLS 1.2+). Passwords are stored as bcrypt hashes; API keys are stored as one-way hashes. PCAP files are stored outside the web root with restricted filesystem access.

7. Cookies & Tracking Technologies

We use a session cookie (PHPSESSID) for authentication and Cloudflare cookies for DDoS protection. We also use the following third-party analytics and advertising technologies on our marketing pages:

  • Google Analytics & Google Ads (Google LLC): measures website traffic and advertising conversions using cookies such as _ga, _gid, and _gcl_au.
  • Microsoft Clarity (Microsoft Corporation): records anonymised session replays and heatmaps to analyse site usability. Sets cookies such as _clck and _clsk.
  • Meta Pixel (Meta Platforms, Inc.): tracks advertising conversions and enables audience targeting on Facebook and Instagram. Sets the _fbp cookie.
  • LinkedIn Insight Tag (LinkedIn Corporation): measures ad conversions and provides aggregate demographic insights about website visitors. Sets cookies such as li_sugr and bcookie.
  • Reddit Pixel (Reddit, Inc.): tracks advertising conversions and campaign performance on Reddit.
  • Contentsquare: provides user experience analytics including session replay, heatmaps, and interaction mapping.
  • Apollo.io: B2B intent data and visitor analytics for sales intelligence.

These technologies may collect your IP address, browser type, pages visited, and interaction data. You can opt out by adjusting your browser cookie settings or using browser extensions that block tracking scripts. For a complete list of cookies and opt-out instructions, see our Cookie Policy.