Throughout this presentation, we will together trace the story of an attack targeted at an e-commerce system. I will share my experiences, attempts at mitigation, and the conclusions we drew from this incident to improve our defenses.
Analogous to passport control at a border, we decided on a security method that relies on verifying the user through the analysis of unique browser characteristics - a digital fingerprint, instead of solely relying on traditional security methods.
I will discuss why it’s valuable to filter traffic as close to the client as possible, increasing the efficiency of our defensive strategy. We will explore the defense capabilities using WAF. Special attention will be given to JA3, approach to threat-related request identification. I will cover how the JA3 token is created, the benefits it brings to security strategies, and how its application helped us eliminate a threat. We will also look into why we decided against implementing ATP in our defense strategy.