A method, apparatus and computer program to protect an application in an underlying multiprocessor computing system, e.g., one in which a processor has local memory available but can access memory assigned to other processors. In operation, a set of hardware characteristics for the underlying computing system are extracted. These characteristics preferably comprise processing power, available memory, and a topology. For each hardware characteristic, an operating limit for that characteristic is determined based at least in part on a baseline value that is determined for the application with respect to the hardware characteristic. Based on the operating limit determined for each hardware characteristic, a recommended limit for a system feature (e.g., network traffic) of the underlying computing system is computed. Thereafter, and during runtime execution of the application, the recommended limit is then enforced, e.g., by dropping excess traffic or spinning up additional application instances, to protect the application.