The growth and ubiquity of the Internet have changed the world in numerous ways, one of which is giving rise to the necessity of being vigilant about information security and cyber threats. As threat actors have become more sophisticated and new threats are emerging constantly, meeting information security objectives requires taking advantage of the latest technologies and tools. This paper focuses on a popular technology that can improve the way security is achieved: software-defined networking (SDN). Thanks to its flexibility, cost efficiency, and suitability for incremental deployment, SDN provides a practical means of developing effective security solutions. Through an extensive survey of the literature, we develop a taxonomy for SDN-based solutions to common attack types, identify the security primitives utilized in these studies, and categorize proposals by cyber threat category. Furthermore, we present a quantitative evaluation of the reviewed studies according to threat category, defense type, strategy, techniques, and deployment details. Finally, we discuss various challenges and potential research questions to be investigated in this area. (c) 2020 Elsevier B.V. All rights reserved.