We propose a new software-defined security service – SENSS – that enables a victim network to request services from remote ISPs for traffic that carries source IPs or destination IPs from this network’s address space. These services range from statistics gathering, to filtering or quality of service guarantees, to route reports or modifications. The SENSS service has very simple, yet powerful, interfaces. This enables it to handle a variety of data plane and control plane attacks, while being easily implementable in today’s ISP.