As someone who was considering Black Lotus as a potential service for DDOS protection, they had a number of failures during this whole episode that make it hard to take them quite seriously.
First, and most importantly, they suffered many hours of downtime to many sites hosted on their service, including their own web page, and still to this day have not tweeted or given any public statement about the incident. A lot of Googling got me some responses to customers who complained in private with weak justification about it being their upstream provider's problem and not theirs. The fact that they now estimate that it was 28GBit/s in traffic makes me even less trusting of their service, given that much larger DDOSes are flying around.
If anyone has any other services that are competitive, other than Cloudflare, I'd be interested in hearing about them out of curiosity. It seems there should be more than one company that can do this well.
defense.net and Prolexic come to mind before Black Lotus or CloudFlare. Black Lotus and CloudFlare are bottom of the bucket options compared to defense and Prolexic.
Keep in mind that Prolexic was recently acquired by Akamai, so prices will skyrocket soon.
It only works for certain kinds of sites, but if it's a site you can host on third-party hosting (as opposed to needing DDOS protection of your own network or VPS), Nearlyfreespeech.net has a pretty good track record with mitigating DDOS on sites they host. They also have a strong ethos of not blaming the customer for "provoking" the attack, or terminating them for the inconvenience.
First, and most importantly, they suffered many hours of downtime to many sites hosted on their service, including their own web page, and still to this day have not tweeted or given any public statement about the incident. A lot of Googling got me some responses to customers who complained in private with weak justification about it being their upstream provider's problem and not theirs. The fact that they now estimate that it was 28GBit/s in traffic makes me even less trusting of their service, given that much larger DDOSes are flying around.
If anyone has any other services that are competitive, other than Cloudflare, I'd be interested in hearing about them out of curiosity. It seems there should be more than one company that can do this well.