DDoS protection tool for corporate clients,
state companies and security service providers
5
continents
with installations
with installations
DDoS Protection You Can Control
9 out of 10
largest Russian banks under MITIGATOR protection
15+
years of experience
in DDoS protection
in DDoS protection
6
countries
of presence
of presence
Key features
MITIGATOR detects and automatically suppresses L3-L7 DDoS attacks. It contains more than 50 countermeasures based on challenge-response, rate-based, regexp, validation, limitation, iplist, application behavior.
MITIGATOR allows protection of TLS applications without traffic decryption. It does so via various methods of TLS and JA3 fingerprints analysis. In combination with other countermeasures and a web server log analyzer, it is possible to achieve maximum protection without traffic decryption. In addition, by using the HCA countermeasure, it is possible to authenticate senders using the challenge-response method within HTTPS.
MITIGATOR supports SYN-proxy (TCP Splicing) protection when the outgoing traffic from protected resources passes through it. If there is only incoming traffic, MITIGATOR uses the generally accepted checking methods of TCP session resetting and the wrong sequence number with different combinations of flags. In addition to the standard protection mechanisms, a unique mode of operation with ISN synchronization is available, in which asymmetric traffic protection does not require unnecessary packet exchange or disconnection with the client. It supports activation of host protection only for servers under attack, which negates the impact on the traffic of other services.
Detection of attacks and protection of individual policies does not require constant direction of traffic to MITIGATOR.
MITIGATOR contains countermeasures which can describe the typical traffic behavior of the protected protocol and set the sender authentication rules. In addition MITIGATOR team has developed a specialized user authentication protocol convenient for embedding in a protected application.
Specifics of usage
Reaction speed
Rapid development
Performance
MITIGATOR constantly monitors traffic and activates filtering in less than a second if an anomaly is detected
MITIGATOR updates frequently to effectively counter current threats. Releases with new protective techniques and customer requests are issued every 2 months
MITIGATOR achieves high performance even on common server hardware. No additional accelerators required
Products and services
Инструмент для защиты от DDoS-атак предназначенный для операторов связи, хостингов, корпоративных клиентов и поставщиков услуг цифровой безопасности.
Программный комплекс для сбора и анализа телеметрии сетевого оборудования, детектирования DDoS-атак и аналитики трафика в связке с MITIGATOR. Поддерживает получение телеметрии по протоколам NetFlow v5/v9, sFlow v5, IPFIX.
Репутационные списки IP-адресов, автономных систем и JA3-отпечатков. Поставляются в форме регулярно обновляемых фидов и могут применяться не только для фильтрации трафика, но и для анализа поведения отправителя на основе его попадания в фиды.
Анализатор логов служит для защиты HTTP и HTTPS. Анализирует данные, полученные oт Web-серверов по syslog (RFC 3164), и проверяет их на соответствие заданным для политики защиты правилам.
Сервис анализа дампов сетевого трафика в целях выявления закономерностей (PCAP Signature Generator). Дополнительно сервис анализирует списки IP-адресов и JA3-отпечатки.
Облачный сервис для защиты от DDoS-атак.
DDoS protection tool designed for telecom operators, hosting companies, corporate clients and security service providers
Collector is an additionally licensed functional MITIGATOR unit designed to collect and analyse network equipment telemetry. It is mainly used for the detection of DDoS attacks and analytical reports of traffic in conjunction with MITIGATOR
Reputation lists of IP addresses, autonomous systems and JA3 fingerprints. Delivered in the form of regularly updated feeds, they can be used to filter traffic and analyze the behavior of the sender based on his hit in the feeds.
The log analyzer serves to protect HTTP and HTTPS. It analyzes data received from Web servers via syslog (RFC 3164) and checks if it matches the rules specified for the security policy
Service for network traffic dump analysis, used to identify patterns (PCAP Signature Generator). Additionally, the service analyzes lists of IP addresses and JA3 fingerprints
Service offerings for the implementation and maintenance of MITIGATOR, as well as assistance to clients in solving tasks beyond the scope of standard technical support.
Cloud DDoS protection service, designed to secure websites, applications, and networks.
Protecting against
DDoS attacks since 2009
DDoS attacks since 2009
New DDoS protection technologies are tested and used in own traffic scrubbing center
last news
14.11.2025
Key events in September and October
Highlighting the key events our team participated in.
September 26 – MITIGATOR DAY 2025 (Moscow, Russia)
October 8 – ABISS conference (Moscow, Russia)
October 13-17 – Gitex Global 2025 (Dubai, UAE)
October 22-23 – Spektr Forum (Sochi, Russia)
More information
Key events in September and October
Highlighting the key events our team participated in.
September 26 – MITIGATOR DAY 2025 (Moscow, Russia)
October 8 – ABISS conference (Moscow, Russia)
October 13-17 – Gitex Global 2025 (Dubai, UAE)
October 22-23 – Spektr Forum (Sochi, Russia)
More information
12.08.2025
v25.06 is available for installation
Version v25.06 adds: monitoring objects, flow accounting rules in protection policies, service analyzer, new TCP6 and LCON6 countermeasures, thresholds auto-tuning in countermeasures, forced leadership change button.
Enhanced functionality of countermeasures TBL, TBL6, TWL, TWL6, CRB, CRB6, LCON, RETR, TCP, MINE, SLOB, ATLS, HTTP, DNS, FRB, SERB, SORB, SORB6, BPF, USF, NCL, NCL6, HCA, and also BGP, incidents, named lists, Logan, Collector, WebC and Active Sync.
Multiple UX improvements made.
Version changelog
v25.06 is available for installation
Version v25.06 adds: monitoring objects, flow accounting rules in protection policies, service analyzer, new TCP6 and LCON6 countermeasures, thresholds auto-tuning in countermeasures, forced leadership change button.
Enhanced functionality of countermeasures TBL, TBL6, TWL, TWL6, CRB, CRB6, LCON, RETR, TCP, MINE, SLOB, ATLS, HTTP, DNS, FRB, SERB, SORB, SORB6, BPF, USF, NCL, NCL6, HCA, and also BGP, incidents, named lists, Logan, Collector, WebC and Active Sync.
Multiple UX improvements made.
Version changelog
Contact us by filling a simple form:
