In this white paper, John Pescatore of SANS Institute explores how DDoS is used as part of advanced targeted attacks (ATAs) and describes how DDoS detection and prevention tools and techniques can be used against ATAs as well. Today’s DDoS attacks, as damaging as they are, sometimes mask even more threatening and dangerous advanced targeted threats. The good news is that some of the same tools that can detect the footprints of DDoS attacks can also find the telltale signs of ATAs. To be successful, though, enterprises need to coordinate their use of both types of logs and adjust their monitoring parameters correctly. They must also eliminate operational gaps, such as unclear lines of security authority, and limit the use of managed security services that can deprive enterprise security managers of the data they need to detect and stop DDoS attacks and ATAs.