Cloud resource limits

To mitigate Denial of Wallet (DoW) attacks, wherein an attacker exhausts the budget of a cloud-hosted system, operators should limit resources that scale with traffic, such as virtual machines with auto-scaling and serverless functions. However, it’s crucial to find a balance for each limit set, weighing the risk and impact of a DoW attack against materialising a DDoS attack.

See also

• Unmetered DNS lookups.
• Rate limiting.