Back to Scenarios
E-Commerce

Global Retailer Sustains Black Friday Traffic While Absorbing an 850 Gbps-Class DDoS Attack

Global retailer sustains Black Friday traffic while absorbing an 850 Gbps-class DDoS attack.

$12M+
Revenue at risk (modeled) based on conversion-rate assumptions
99.99%
Availability objective during peak sale window (validated in simulations)
850 Gbps
Peak volumetric scenario included in testing range

The Challenge

A large e-commerce retailer preparing for peak season must maintain a seamless shopping experience during extreme traffic surges—especially at checkout. Peak events are also a common time for DDoS pressure (volumetric + application-layer) and extortion attempts. CDN-only protection may be insufficient against multi-vector attacks that target APIs, origin capacity, and third-party payment dependencies.

The Approach

  • Load-tested the end-to-end purchase journey (browse → cart → checkout → payment) to establish baseline capacity and failure modes
  • Identified bottlenecks in checkout APIs and payment-gateway integrations
  • Designed an edge-to-origin defense chain with escalation tiers (edge controls → scrubbing/managed response → origin protections)
  • Built traffic baselines and tuned detection thresholds to reduce false positives during legitimate surges
  • Validated the approach through scenario-based testing with mixed load + attack traffic

Implementation (example reference architecture)

  • Leveraged Amazon Web Services (AWS) edge controls (e.g., CloudFront policies and origin shielding strategies) for the product catalog and static assets
  • Configured AWS WAF protections including bot and credential-stuffing controls (where applicable)
  • Implemented rate-based rules with dynamic thresholds that scale with legitimate demand
  • Enabled AWS Shield Advanced and prepared escalation paths for rapid mitigation coordination
  • Built operational dashboards correlating mitigation signals with checkout health (success rate, latency, errors)

Outcomes (representative)

  • Demonstrated the ability to meet a 99.99% availability objective during peak-window simulations under combined load + attack scenarios
  • Validated resilience against an 850 Gbps-class volumetric scenario while keeping customer-facing performance within defined SLOs
  • Improved checkout reliability through bottleneck removal and tuned caching/rate limits (measured in controlled tests vs. baseline)
  • Reduced customer-visible errors during simulated multi-wave attack periods across the peak sale window

Ready to validate your DDoS resilience?

Scenario-based testing. Resilience engineering.