KaBuM! Cuts Infrastructure Costs & Saves Hours a Day With DataDome
The Challenge: Bad bot traffic was inflating infrastructure costs
“What sparked our decision to start looking for a bot protection solution was a very high volume of malicious requests to certain endpoints, in particular our login page,” says Felipe Escudeiro, CTO at KaBuM!. “The problem had been steadily growing over some time, and it had come to a point where the methods we had been applying were no longer efficient enough.”
Before implementing DataDome, the team was using a web application firewall to block unwanted bot traffic, but mitigating attacks was an everyday challenge.
“Our process was more responsive than proactive,” explains Diego Ribeiro Dias, Infrastructure manager at KaBuM!. “Our telemetry tools would reveal unusual behaviors in our ecosystem that triggered deeper investigations, and we would find lots of requests to specific endpoints with suspicious headers, cookies, or other parameters. Then we had to fine-tune our throttling configuration and WAF rules for various combinations of headers, IP addresses, geolocation, etcetera.”
The team’s efforts were often in vain: the next day, the hackers would be back with new headers, from new IP addresses, and the work had to start all over again. Worse, the rules-based restrictions they applied would sometimes inadvertently prevent good bots, such as the Google bot, from doing their essential job.
Worst of all, the unwanted bot traffic could consume up to a third of KaBuM!’s infrastructure resources.
“Our infrastructure is autoscaling, so if an attack impacted our website performance, it would quickly be restored—but it had a price,” says Diego. “Not only did we have to pay for all the extra inbound traffic; a heavy attack could also result in the launch of a new instance, which would escalate the costs even further.”
The Solution: Non-intrusive bot protection with Lambda@Edge
To better mitigate the improper access issues and bring the needlessly high infrastructure costs under control, the team started to look for a third-party solution. They initially tested two different solutions in parallel, but one of them soon proved unsatisfactory.
“We wanted a non-intrusive tool that would easily integrate with our environment, and that’s exactly what we found with DataDome,” says Diego. “To install it, we just created a Lambda@Edge function in our AWS console and injected the JavaScript tag, and DataDome was up and running with no changes to our own environment.”
During the free trial period, the potential benefits of the solution quickly became clear.
“We knew that we had a lot of bad bot requests, but before installing DataDome, we couldn’t measure exactly how many or what they were doing,” says Diego. “With the DataDome dashboard, we finally had a complete overview, with all the information we were looking for.”
“When we discovered the true magnitude of our bot problem, the decision to move forward with DataDome was easy,” Felipe confirms. “The infrastructure cost savings we could realize by eliminating bad bot requests were actually very similar to the cost of the license.”
The Results: Substantial time savings, lower infrastructure costs
Before KaBuM! activated the DataDome protection, the team could spend 2-3 hours every day checking logs and creating manual rules. Today, they only check the dashboard once a day or so to keep a finger on the pulse of their automated traffic. If anything unusual happens, they will get an email notification, but they no longer need to take any action.
“Thanks to the notifications, we can see that the solution is working. When I log in to the dashboard now, it’s mostly to keep an eye on the metrics,” says Felipe. “But I also like how easy it is to turn the protection on and off. For example, before Black Friday, we ran a series of stress tests. It was extremely easy to switch off DataDome, proceed with our testing, and switch it back on again as soon as we were done.”
Most importantly, the dashboard data confirms that KaBuM! has achieved their original goal. By eliminating unwanted bot requests to the site, they have realized considerable infrastructure cost savings. Now, their cloud bill supports only real customer traffic, instead of servicing bots with criminal intentions. “With the cost savings we make, the DataDome solution pays for itself”, Felipe confirms.
Finally, he reveals an unexpected benefit. “We think that DataDome helped us achieve better results during the last Black Friday sales by stopping bots from putting products in the shopping cart and never checking out,” he says. “Looking at historical data, our conversion rates tended to be a little lower every year, but last year the trend turned around. We can’t be 100% sure, because consumer behaviors have also changed, but we believe that DataDome contributed to the improvement by making sure all our orders were placed by people, not bots.”