Download PDF
Signal Sciences > Case Studies > BloomNation: Enhancing Website Security and Performance with Signal Sciences
Signal Sciences Logo

BloomNation: Enhancing Website Security and Performance with Signal Sciences

Technology Category
  • Cybersecurity & Privacy - Application Security
Applicable Industries
  • Equipment & Machinery
  • Semiconductors
Applicable Functions
  • Maintenance
Use Cases
  • Traffic Monitoring
  • Transportation Simulation
The Challenge
BloomNation, an online retailer delivering fresh flowers from local florists across 5,000 cities and towns in the United States, was facing a significant challenge in late 2019. The company's national profile had been boosted after being listed on Built In LA’s 50 Best Small Places to Work list, which unfortunately attracted malicious actors to their website on a larger scale. BloomNation was experiencing a flood of abusive attack traffic, including DDOS, SQLi, XSS, and credential stuffing, from malicious actors attempting to scan their web applications. This situation had a significant impact on the organization, with engineers spending time away from building and deploying product features to manually research and block IP addresses to keep the website up. The influx of traffic also negatively impacted the customer experience, with page load times slowing and the site breaking as attack requests increasingly hit their server instances.
About The Customer
BloomNation is an online retailer that delivers fresh flowers directly from local florists. Founded in 2011, the company serves customers in 5,000 cities and towns across the United States. In late 2019, the company was listed on Built In LA’s 50 Best Small Places to Work list, which boosted their national profile. However, this also attracted malicious actors to their website at a much greater scale, leading to a flood of abusive attack traffic. This situation forced the company to divert resources from product development to manually blocking IP addresses and managing the influx of traffic, which also negatively impacted the customer experience.
The Solution
BloomNation turned to Signal Sciences for a solution to their problem. With Signal Sciences' rate limiting features, BloomNation was able to easily identify malicious traffic and stop it from hitting their servers, thereby reducing resource utilization and improving customer experience. At the peak of their attacks, BloomNation was dedicating three engineers to triaging web attacks a few days a week. However, Signal Sciences' tagging and filter features enabled BloomNation to categorize traffic through custom signals, freeing them from manual operations related to identifying abusive web requests. Furthermore, while BloomNation was able to block IPs from further attacking their applications, the initial requests were still hitting their servers, causing considerable strain on their load balancers, which saw up to 90% CPU consumption. Signal Sciences' rate limiting was able to stop these requests, speed up page load times, and prevent sites from being unavailable for legitimate users.
Operational Impact
  • The implementation of Signal Sciences' solution had a transformative effect on BloomNation's operations. The company was able to shift its focus from manually identifying and blocking attack traffic sources to building and deploying product features. The solution also improved the customer experience by speeding up page load times and preventing site unavailability. Furthermore, the team has not had to access their load balancer since implementing Signal Sciences, indicating a significant reduction in maintenance efforts. The tools and features provided by Signal Sciences also allowed BloomNation to plan out best practices as the company grows, providing a forward-looking approach to application security.
Quantitative Benefit
  • Reduced CPU consumption from 90% to a significantly lower level
  • Eliminated the need for three full-time engineers to triage web attacks
  • Significantly improved page load times

Related Case Studies.

Contact us

Let's talk!

* Required
* Required
* Required
* Invalid email address
By submitting this form, you agree that IoT ONE may contact you with insights and marketing messaging.
No thanks, I don't want to receive any marketing emails from IoT ONE.
Submit

Thank you for your message!
We will contact you soon.