Eastern Europe’s Top eCommerce Marketplace achieves 35% decrease targeted attacks and get robust user data protection with Loglix Managed Security services

‍Business overview & challenge

One of the largest eCommerce companies in Eastern Europe was founded as an online bookstore, but has since expanded its operations to offer a wide range of products, including electronics, household appliances, clothing, and more. In addition to e-commerce operations, Marketplace has also expanded into other areas, including fintech and digital services and has launched its own payment system. eCommerce Marketplace has over 10 million active customers, and it has listed on the NASDAQ Global Select Market.

Operating in a highly competitive market, eCommerce has become a regular victim of targeted attacks that exploit features and vulnerabilities in web application business logic and led to increase digital services downtime. Identifying vulnerabilities was complicated by active adoption of a microservice architecture across all digital services in Marketplace’s ecosystem.

‍Solution

Marketplace approached Loglix, the managed services provider, to provide:

 1. Continuous application security monitoring for rapid detection of the following types of hacker attacks:

• Distributed denial of service attacks (DDoS attacks);
• Attempts to compromise web applications by exploiting vulnerabilities (programming code bugs) in web applications, web servers, and protocols;
• Scanning of web applications to find vulnerabilities;
• Targeted attacks that exploit features and vulnerabilities in web application business logic.

2. Help Marketplace's in-house security team to prevent and respond to targeted bot and DDOS attacks and protect critical data without affecting legitimate users.

To provide Managed Web Application Security 24/7 service, Loglix has chosen proven products from Imperva - Web Application Firewall, Advanced Bot Protection,Account Takeover Protection, and DDoS Protection.

Loglix successfully deployed Imperva tools in Marketplace's infrastructure and configured security monitoring under the customer CI/CD pipeline.

To successfully defend against attacks without affecting legitimate traffic and without introducing false positives, Loglix regularly audited the business logic of the Marketplace's digital services as part of its Application Security Managed Service offering, and customized Imperva solutions to meet the customer's changing business specifics, including continuous customization works:

• 24/7 traffic monitoring to identify attack signatures;
• Developing custom policies to block unauthorized traffic based on detected attack signatures;
• Constant updating of developed policies and traffic-blocking rules;
• Configuring Per-Path policies for different groups of websites and digital services;
• Creating and updating the blacklist of IP users;
• Configuring and developing custom dashboards;
• Investigating incidents according toMarketplace's runbook.

Web application security and web application availability are highly contingent. A successful web application attack may not only put users' data at risk but may result in revenue loss due to digital services interruption and unavailability as well. Since Loglix provides comprehensive managed services, including Full stack performance monitoring services, and Loglix 's team includes DevOps and SRE engineers, even within the managed security services, we involve our DevOps and SRE engineers to improve the resilience of servers and other components of the customer's IT infrastructure as an extra service free of charge.

Results

By constantly tuning security monitoring tools to suit Marketplace's digital services business logic, the Loglix team provided proactive detection and blocking of illegitimate traffic, resulting in a significant decrease in targeted attacks for 35% as it became increasingly difficult for hackers to execute successful attacks and reduce issues resolution from days to 20 minutes.

The most immediate benefit of Loglix for the customer was its impact on reducing digital service downtime for 40% and preventing incidents related to user data leakage, as well as identifying root cause of server performance degradation up to 90% quicker even when it was not related to security incidents.

With Loglix Managed Web Application Security 24/7 service, Marketplace was able to push its digital services to production faster, at scale, and with security onboard.

As Loglix supplements and strengthens eCommerce's security team by offering proactive web application security monitoring and helping in troubleshooting, vulnerability backlog immediately became less critical, customer teams get more time to fix vulnerabilities and more time to ensure the secured launch of new eCommerce services which made it possible to improve Time to market.