How we stopped 35.000 attacks daily - The Tactical Advantage of Threat Intelligence: A Case Study with OneFirewall
Effective threat intelligence is a tactical necessity to detect, respond, and mitigate these threats in real-time. This article presents a detailed case study of a recent engagement by OneFirewall that demonstrates the measurable impact of actionable threat intelligence.
A new member of OneFirewall (referred to as Member X) operates a B2B SaaS platform serving clients globally through three cloud providers: Azure, DigitalOcean, and GCP. Their infrastructure includes:
Two instances in Europe.
One instance in the US.
As their business expanded, so did their exposure to attacks:
22% of traffic was performing unauthorized operations (attacks).
An average of 35,000 attacks per day targeted web services and management consoles.
Security limitations identified:
Cloudflare (free plan) for CDN without advanced security features.
Direct access to management consoles without VPN.
Insufficient detection capabilities for advanced threats.
Requirements: Member X needed an immediate solution to stop the ongoing attacks without compromising flexibility in their technology stack or adopting complex security solutions.
This case study demonstrates the tactical value of actionable threat intelligence. By rapidly deploying intelligence-driven defenses, OneFirewall secured Member X’s infrastructure against a high volume of attacks without compromising performance or flexibility. This approach underlines the importance of integrating real-time threat intelligence for any online service facing continuous threats.