Challenge
Netshoes is one of the leading sports lifestyle e-commerce platforms in Latin America, receiving approximately 54 million unique visitors every month. Delivering a seamless shopping experience to such a large audience presents multiple operational challenges, many of them related to security.
Retail is one of the industries most affected by cybersecurity incidents. Most vulnerabilities occur in internal networks (54%), e-commerce applications (22%), and cloud environments (20%), while 74% of attacks target credit card data.
A successful attack has a 53% probability of causing financial losses exceeding R$2.5 million due to fraud or service disruption. Threats such as credential stuffing and phishing campaigns continue to evolve in complexity, requiring advanced protection strategies.
To address these risks, Netshoes needed intelligent security capabilities capable of protecting its digital commerce ecosystem without compromising performance or customer experience.
Solution
Netshoes adopted Azion Platform to strengthen both the security and performance of its e-commerce infrastructure, leveraging Azion’s Web Application Firewall and distributed security capabilities to detect and mitigate threats in real time.
The flexibility of Azion WAF allows Netshoes’ security teams to implement advanced defense strategies, including the deployment of multiple WAF instances tailored to specific applications and vulnerability points.
This approach enables Netshoes to design firewall rules at different levels and customize protection mechanisms to:
- identify and mitigate bad bots: currently, 24% of global web traffic is generated by malicious bots, while 79% of companies struggle to distinguish them; Netshoes uses advanced rules to detect and block these automated threats;
- protect mobile APIs: with millions of users accessing the platform through smartphones, WAF plays a key role in protecting customer data regardless of the device used;
- prevent attacks targeting e-commerce applications, including OWASP Top 10 vulnerabilities and zero-day threats.
In addition to WAF rule sets managed by Netshoes’ security teams, observability and threat intelligence are reinforced through Azion Data Streaming and Network Lists.
Data Streaming integrates with leading SIEM platforms, providing real-time application logs and event data that help Netshoes continuously improve its security posture.
Network Lists simplify the management of IP addresses accessing the platform. Through the platform interface or APIs, Netshoes can create custom lists while also leveraging automatically updated threat intelligence feeds from Azion.
Results and Impacts
During the first half of 2020, Netshoes automatically blocked more than 4 million cyber threats using Azion WAF, without affecting service availability or the shopping experience of millions of customers.
Most of the mitigated attacks consisted of SQL injection attempts and cross-site scripting (XSS), both among the most critical vulnerabilities listed in the OWASP Top 10.
To support data-driven security strategies, Netshoes collected approximately 385 TB of application event logs using Azion Data Streaming integrated with its SIEM platforms.
Running workloads across Azion’s distributed infrastructure also significantly reduced the load on origin systems. Netshoes offloaded 84% of request processing, representing more than 200 billion requests handled by Azion, equivalent to around 18,000 requests per second.
This architecture improved:
- service uptime and reliability;
- efficiency in blocking malicious requests;
- speed of DDoS attack mitigation;
- application performance with ultra-low latency.
These gains are made possible by the multilayer security architecture of Azion’s global infrastructure, which is monitored 24/7 and provides the resilience Netshoes needs to deliver secure shopping experiences.
About Netshoes
Netshoes is the largest sports lifestyle e-commerce platform in Latin America and one of Brazil’s most recognized digital brands. Founded in 2000, the company manages several online stores, including Zattini and Shoestock, as well as official online stores for the NBA and major Brazilian football clubs.
Recognized as one of the top e-commerce companies in Brazil, Netshoes continues to invest heavily in digital transformation and technology innovation to scale its operations and deliver high-performance digital experiences.