Shiekh Shoes sells cutting-edge sneakers and streetwear to an avid base of young customers. Based in Ontario, California, the company has 79 stores around the United States and a multi-million dollar online platform that comprises nearly 20% of the company’s revenue.
Shiekh’s weekly online releases of hot new sneaker and clothing products drew many thousands of web shoppers seeking access to in-demand gear. The massive spikes in traffic sometimes drove Shiekh’s sites offline or slowed response times to a crawl. Customers noticed and complained. During these product drops, bot operators bombarded the sites with automated attempts to purchase items as quickly as possible. Malicious bot operators would then turn around and resell their purchases in online marketplaces, such as eBay, for significant markup over the list price. The attacks would start days before the actual hot product drop and not end for a day or two after. Another problem was massive account takeover attacks (ATO). Botnet operators bombarded the login page with attempts to access customer accounts in order to validate email and password pairs. This compromised credit card information and allowed malicious hackers to place fake orders, request fraudulent refunds and returns, or simply sell the validated account information and credit card data on the Dark Web.
We were very impressed with how responsive the PerimeterX and Fastly teams were to get us this protection so quickly and solve our pain before any real damage was done. Since then, the product has performed exactly as we expected, accurately screening bots but not impacting real users. We don’t worry about bots on the weekends anymore.
As soon as it became clear that bots were damaging Shiekh’s reputation, forcing customers to seek products from other vendors, and killing performance, the company began to research possible solutions. Shiekh required integration with the company’s CDN provider Fastly because Shiekh did not want to make any code or configuration changes on their origin web servers. They also required a SaaS solution rather than on-premises because this would not require maintenance on their end and would be easier to manage and scale.
PerimeterX Bot Defender met all the company’s requirements. The company was impressed with the simplicity of installation and the dynamic coverage of even the latest types of bot attacks. Whether it was a well-known sneaker bot or something completely new to the market, Bot Defender was able to stop the attack. On top of that, unlike other products, Bot Defender could accurately predict whether a visitor was a bot before Fastly served a webpage, potentially saving infrastructure costs.
Two days before a major Thanksgiving Sale Shiekh decided to implement Bot Defender to stop bot attacks quickly to avoid site outages during the largest online shopping weekend of the year. Within 24 hours Shiekh worked with the PerimeterX technical team to integrate Bot Defender into Shiekh’s Fastly CDN configuration files. Filtering bots from Shiekh’s sites also made real customers happy because it allowed them a much better chance of purchasing in-demand products. Bot Defender was blocking over 99% of bot visitors within 24-hours of deployment. This allowed the company to stop worrying about unplanned outages and instead to provision additional web and network capacity for events to serve actual human shoppers. By predicting which visitors were bots and ignoring their page requests, Bot Defender saved considerable hosting and bandwidth costs.
To stop the account takeover attacks, Shiekh also turned to PerimeterX for a rapid deployment. PerimeterX stood up ATO protection in less than 48 hours, effectively shutting down the attack and sending the malicious hackers away. PerimeterX was blocking over 99% of bot visitors within 24-hours of deployment, allowing Sheikh’s to concentrate on infrastructure improvements and other core initiatives to drive growth rather than fight malicious bots.
PerimeterX easily met all of our requirements. We were impressed with the simplicity of the installation and the dynamic coverage for the latest generation of bot attacks.
Using machine learning and behavior-based analytics, PerimeterX solutions detect and block automated bot attacks and client-side threats with unparalleled accuracy. Your online business is protected while preserving user experience and page response times.
PerimeterX is cloud-based and platform-agnostic. Using machine learning, we constantly update our library of attack patterns based on interactions with applications, fingerprints from devices and network characteristics to protect against the next new threat.
To keep watch over your web and mobile applications and APIs, PerimeterX functions as an extension of your team and provides responsive, best-in-class service and around-the-clock security analyst oversight.