La Redoute Protects its Sites & Applications Against Malicious Traffic & Ensures GDPR Compliance

La Redoute’s IT teams had always been aware that bots came to visit and scan their sites.

“Before DataDome was introduced, we were addressing the issue in incident response mode. For example, whenever we noticed that an automated scan was starting to have a serious impact on our infrastructure, or when the SOC’s analysis flagged the activity as being malicious, we would temporarily block the bot’s IP address,” says Dominique Capelle, IT Operations Manager, who leads a team in charge of information security among other responsibilities.

Even though the approach proved effective, two significant events prompted La Redoute’s teams to change their practices and start looking for an artificial intelligence-based solution for protection against automated traffic.

First, the number of bots has substantially increased over the past couple of years, resulting in ever more frequent alerts and constant interventions:

“We had more and more IPs to block, and we started to see attacks coming from several hundred different IPs simultaneously. We also had to deal with a host of new bots, each one more complex than the last,” says Capelle.

Secondly, the GDPR taking effect in 2018 prompted La Redoute to tighten its security policy and strengthen its capacity to protect customer data.

Before turning to specialized anti-bot software, La Redoute’s IT teams first tested a WAF-like solution, but the results were not convincing: “We did a proof of concept with one of the market-leading WAF solutions. Unfortunately, most of the bots attacking our sites were never detected by the solution, due to their complexity.”

The team concluded that it was necessary to look beyond manually managed access rules, which are typical of WAFs, and to rely on an artificial intelligence-based solution able to take up the challenge of modern bot complexity.

Recommended by several partners and market studies, and distinguished by the International Cybersecurity Forum as cybersecurity solution of the year, DataDome quickly stood out as the best choice for La Redoute’s teams.

“Working with DataDome’s integration team was critical to the project’s success. The team’s knowledge of bot traffic and its impact on our business provided real added value during the pre-sales and POC phase,” says Mr. Capelle.

DataDome’s artificial intelligence-powered solution was first installed on the Portuguese site. The pilot phase initially allowed the teams to measure and assess the solution’s impact on applications and customers: bot identification and analysis, response times, implementation and customization of rules … This phase was crucial for enabling everyone to become familiar with the solution, and helped reassure the teams that needed to test the solution in order to trust it completely.

The full deployment of the DataDome solution was subsequently completed in less than three weeks on all La Redoute sites and applications, just ahead of Black Friday, a commercial operation that attracts significant traffic.