“The Big Game” Streamed Seamlessly to Millions Thanks to Netacea
Zero outages
0.0001%
The Challenge
Our client, a major US video streaming platform, had exclusive rights to air American Football’s “Big Game” in February 2024. With 120 million people expected to stream the game live, it was vital for the business to ensure uptime and stability of their platform throughout.
However, the business knew that they were at risk from attackers using the high traffic expected during the game to disguise malicious bot attacks, particularly targeting customer accounts. Automated traffic and credential stuffing attacks could not only compromise their customers, but also the stability of the whole platform.
Because customers use various devices to login and watch, from laptops and mobile phones to smart TVs and games consoles, the client needed a solution that could detect sophisticated malicious traffic disguised within these endpoints.
The customer also needed a lightweight solution that could accurately detect traffic from known bad traffic sources across their entire platform without impacting their infrastructure or operations.
The Solution
Safeguarding Login and Registration with AI-Powered Bot Protection
Netacea protected the platform against credential stuffing and fake account creation with AI-powered bot protection, analyzing every single login and registration request worldwide across all websites, apps and APIs.
Unlike tools that rely on client-side integrations, which are complex to deploy across multiple platforms, simple to bypass and inadequate for protecting APIs, Netacea plugged straight into the customer’s CDN to ingest server logs into our Intent Analytics® engine. This data was analyzed using specifically tuned machine learning models so sophisticated attacks could be blocked with confidence in near real-time.
Blocking Known Bad Traffic Across the Entire Platform with Bot Threat Feed
To keep known offenders away from their entire platform throughout this key event, the customer also integrated the Netacea Bot Threat Feed directly into their CDN.
Netacea Bot Threat Feed is a large dynamic dataset of known malicious traffic sources, collected across the billions of requests Netacea’s AI bot protection solution analyzes daily across our entire customer network. We verify and add over half a million previously unseen attack sources to the feed daily.
By using a lightweight, simple to manage integration into their security stack, the customer protected their entire platform against verified bad actors at the point of entry without manual intervention.
We also provided support both on-site and remotely to the client, ensuring they had immediate answers to any questions and reassurance of the efficacy of the Netacea solution at this crucial time.
The Outcome
During the lead-up, the game itself, and its aftermath, Netacea Bot Protection automatically blocked five million malicious requests attempting to access accounts or register new ones. False positives were incredibly low (0.0001%) meaning that genuine customers were unaffected by our highly accurate mitigations.
Around 35% of all requests to the authentication API were malicious bots, with over a million disguised as requests from Xbox consoles. As credential stuffing attacks are successful in roughly 0.1% of attempts, inadequate protection from solutions unable to monitor APIs natively could have allowed criminals to steal 1,000 accounts in this instance.
During the game, the streaming platform was also targeted by several highly volumetric attacks to other areas of their system, rapidly dwarfing their expected requests per second several times over.
With Netacea Bot Threat Feed recommendations active, they were able to identify these traffic surges as coming from known malicious actors and prevented them from reaching their critical infrastructure.
This allowed them to focus on serving real users across the entire platform during their peak time of the “Big Game” without need for manual interventions from the security or infrastructure teams.
