During the data collection period, Cloudflare said that it mitigated 6.8% of all web application traffic. It defines mitigated traffic as any “traffic that is blocked or is served a challenge by Cloudflare. The specific threat type and relevant mitigation technique depends on many factors such as the application’s potential security gaps, the nature of the victim’s business and the attacker’s goals.”

Examples of an attack over the study period, it states, included the Anonymous Sudan group, launching “politically motivated DDoS attacks against banks, universities, hospitals, airports, social media platforms, government agencies and others worldwide.”

In the release, company co-founder and CEO Matthew Prince said that “web applications are rarely built with security in mind. Yet, we use them daily for all sorts of critical functions, making them a rich target for hackers.”