That's a great question @vivek yadav

DDoS attacks are becoming larger and more common. Recent attacks have seen record setting levels of traffic and predictions are that it will continue to get worse.

How does Apigee approach DDoS defense?

Network Level Defense: The Apigee Edge managed cloud platform is currently deployed and operated by Apigee (Google), on GCP (Google Cloud Platform) and AWS (Amazon Web Services), and therefore leverages DDoS defenses offered by both cloud hosting providers, at a network level.

Policies enforced within Apigee Edge: Apigee Edge can be used for implementing policies that protect customer APIs from attack. These policies are enforced on the API proxy that sits between an API client and the customer backend, and include policies such as Quotas, Spike arrests, Concurrent Rate Limiting, XML and JSON injection protection, and other policies that can be written to defend against specific attacks. See: http://docs.apigee.com/api-services/content/rate-limiting http://docs.apigee.com/api-services/reference/reference-overview-policy

Bot Detection through Apigee Sense: Apigee (Google) offers a Bot Detection service called Apigee Sense. Sense is an intelligent data driven API security product that detects and protects APIs from malicious or unwanted traffic. Sense provides another layer of protection by automatically identifying suspicious API client behaviors, upon which administrators can apply corrective actions in order to maintain user experience as well as protect backend systems. Sense is specifically built to address the requirement you mentioned. For further information, see: http://docs.apigee.com/sense/content/what-apigee-sense

Hope this helps!