This report provides a risk assessment on the case of Gigantic Corporation executing a project on cloud security, specifically the DDoS detection and prevention system. It discusses various threats and vulnerabilities for cloud security, including unauthenticated utilization of data, compromise in the internet accessible management APIs, reduction in the visibility and control of data, stealing of credentials, insiders' threats, and deletion of data. The report also provides recommendations for mitigation and protection mechanisms required for information security in this project.