DDoS/DoS Attack Protection for Applications Deployed in MuleSoft CloudHub

What are the alternative solutions to increase the security of applications deployed in CloudHub?

There are several measures that one can take to increase the security:

• Implement Anypoint Filter Processor IP Whitelist Alternative for Mule 4 inside the Mule application.  
• Implement API Policies on an API Proxy that only allows incoming requests from known good IPs, or requests that carry client ID / Secret (available with API Manager subscription).
• Use Dedicated Load Balancer (available with DLB subscription), which has facilities to add IPs to allow-lists to block requests before they reach your application. 
• Use VPC configurations that do not allow public Internet access so only internal connected networks can reach your workers. 

We are observing requests to non-existent endpoints in our API in the logs. Is it a vulnerability issue and what are the recommendations in this case?

Any Internet application is exposed to phishing attempts. It is unlikely you are being specifically targeted. Mule will automatically filter any incoming request that does not have a valid path. Of course, this doesn't stop the request from being made. 

The recommendations, in this case, are the same as in the previous question. Additionally, please up-vote the following Idea:

• Provide full Distributed Denial of Service (DDoS) protection