Blackpepper Enhances eCommerce Security with Fastly’s Next-Gen WAF
Blackpepper has integrated Fastly’s Next-Gen Web Application Firewall (WAF) into its eCommerce framework, fortifying transaction security and maintaining site availability amid cyber assaults and surges in traffic.
This digital marketing enterprise, specializing in developing eCommerce solutions for multi-channel retailers across New Zealand and Australia, has implemented the security infrastructure within its AWS environments, specifically leveraging Amazon EC2 and Lambda.
This deployment is part of an expansive adoption of Fastly services that has evolved over more than ten years.
Established 25 years ago, Blackpepper is dedicated to synchronizing online and brick-and-mortar retail systems, ensuring that transactions and account updates are reflected seamlessly across all channels.
This operational model has necessitated the simultaneous management of a plethora of technical challenges, including media distribution, latency reduction across diverse geographical locations, and the escalation of cyber threats targeting online retail.
Blackpepper first ventured into utilizing Fastly in 2012 for enhanced content delivery, subsequently incorporating image services.
The company later positioned Fastly in front of its application servers to provide DDoS protection and rate limitation, culminating in the adoption of the contemporary WAF and associated security solutions in 2024.
Transforming Attack Response Protocols
A marked improvement in the handling of malicious traffic was one of the immediate benefits observed, especially regarding attacks aimed at the checkout experience.
Prior to implementing bot protection measures, team members frequently found themselves addressing recurring threats manually, often outside standard business hours.
“You have pager alerts and notifications triggering at 2:00 or 3:00 AM,” remarked Alain Russell, Chief Executive Officer and Founder of Blackpepper.
However, this paradigm shifted notably once bot controls were activated. “Since we deployed bot protection last year, we have not needed to respond manually to any attacks,” Russell confirmed.
With automated protocols now in place, threats are mitigated in real time, while Slack notifications keep staff apprised of operational developments.
Furthermore, over a span of 9 to 12 months, Blackpepper has refined its traffic management rules to enhance visibility and preclude malicious requests throughout its systems.
The synergy of the Next-Gen WAF, bot controls, and client-side defenses has empowered Blackpepper to tackle increasingly sophisticated threats, including those attempting account takeovers.
Moreover, the seamless integration with AWS has simplified the operational complexities for teams managing these ecosystems.
Addressing Demand Spikes
Retail platforms often encounter abrupt increases in activity during significant promotional events, putting their scalability and resilience to the test.
Russell cited occasions like Black Friday and Vogue Online Shopping Night as instances when traffic can surge dramatically.
“During pivotal sale periods, including Black Friday and Vogue Online Shopping Night, we routinely observe traffic doubling or even tripling instantaneously.
Fastly plays a crucial role in ensuring scalability during these pivotal times, effectively mitigating downtime and safeguarding revenue,” Russell articulated.
Fastly’s protective and real-time analytical tools have also revolutionized the manner in which Blackpepper engineers oversee infrastructure during high-demand intervals.
These tools facilitate rapid updates, such as promotional announcements or inventory adjustments, during peak trading periods.
Regional Expansion Strategies
Blackpepper has indicated that its collaboration with Fastly has significantly bolstered its expansion efforts into the UK market.
The company aimed to replicate the same rapid delivery speeds and robust security measures present in New Zealand and Australia as it ventured into this new territory, minimizing alterations to its existing operational model.
Russell has emphasized the importance of speed in Blackpepper’s commercial strategy, noting that even minimal variations in site performance can profoundly influence retail conversion rates.
“When processing 5 billion requests monthly, any performance shift can have substantial ramifications for our clients’ websites. Some clients have been astounded by the accelerated page load times,” he remarked.
He further elaborated, “In an ever-evolving eCommerce landscape, we require an infrastructure capable of keeping pace, and Fastly exceeds those expectations.”
Compliance and System Testing
Blackpepper is also leveraging the system to comply with stringent payment security regulations, especially regarding content security policies.
Russell noted that the company is on the verge of utilizing a WAF feature capable of detecting script alterations and blocking unanticipated code.
Simultaneously, Blackpepper is experimenting with edge computing for A/B testing via Growthbook, which integrates with Fastly. This initiative aims to facilitate swift user group assignments for testing, enabling JavaScript tests to be rendered closer to users.
“From the customer’s standpoint, there’s no lag or delay,” asserted Russell. “The HTML directly sourced from edge computing will inherently contain the tests.”
For Russell, the operational impact stands as the most evident gauge of the rollout’s success. “If I had to encapsulate my experience with Fastly in a single word, it would be ‘effortless’,” he concluded.
He remarked, “These solutions have fundamentally streamlined our workloads and significantly eased our operational burdens.”
Source link: Ecommercenews.com.au.
