Shape makes it ridiculously easy for Fastly users to identify threat levels, then delivers impressive ROI with targeted mitigation

Frank Strobel Miniatur
Frank Strobel
Published July 01, 2020

If you were to take a look at how much of your organization’s incoming network traffic is generated by bots and other automated attacks, you’d likely be astonished. No, let me rephrase that: When, not if, you take a look. Because if you’re a Fastly user, Shape’s industry-leading log analysis capabilities are just a flip of the switch away. There is zero impact on production traffic, so there is no risk of negative consequences—just straight up information gathering.

Shape’s log analysis made available through the flick of a switch is a unique service that is currently only available on Fastly, and it is one of the capabilities that sets Shape apart from other security offerings and vendors who claim Fastly integration. With this service, any Fastly user (that’s right, you don’t even have to be an existing Shape customer) can see the depth of their problem without doing any heavy lifting.

I assure you, this is not some clever scheme to scare you into purchasing costly services you wouldn’t otherwise know you even need. Far from it. Shape analysis of your Fastly logs might appear frightening for an instant, but you’ll quickly realize that identifying the enemy is the first step to eradicating the enemy. And now you’ve got them in your sights. It’s the bot operators that had better be scared.

It’s no secret that, unlike analysis, mitigation will have some impact on production traffic. Shape minimizes that impact as much as possible, but integrating any enterprise defense solution within a CDN requires that production traffic be filtered in a prescriptive manner, protecting the important APIs that are being attacked. This requires a lot of heavy lifting that involves multiple engineering and testing teams within your environment and is a highly coordinated effort.

But with analysis of your Fastly logs already in hand, you essentially have a map or forecast of where the bad traffic is focused. Log analysis is the first, easy step to understanding what Shape can do, but it also plays an integral role directing overall mitigation and fortifying your defenses.

In addition to being highly effective at blocking or eliminating bad traffic, Shape’s approach also can lead to significant savings. Depending on how badly they’re being attacked (it’s not unusual to discover that well over 50 percent of incoming traffic is from attack vectors) Shape users regularly see immediate ROI.

Oftentimes, the fraud simply stops once Shape removes the ability to perform a given attack. Other times, the root cause of persistent system crashes and slowdowns are eliminated. If you’ve ever had a team of people working to track down attack IPs, create denylists in a WAF, and chase problems that can't be solved with internal tools (the infamous "whack-a-mole" scenario), imagine the impact to your budget (and productivity) when Shape eliminates the threat altogether.

The full benefits of deploying a Shape solution are clear and compelling: You quickly slash fraud and abuse (which in turn prevents revenue loss and reputational damage); and the elimination of unnecessary traffic and burdensome false login attempts improves application performance and uptime, accelerates backend processing, and significantly reduces bandwidth costs.

It’s not every day that you’re presented “easy button” integration with minimal setup and no impact on production traffic. Go ahead and give that button a push.

Additional Resources