Datadog Case Studies Detecting Malicious Activity in Real Time

Edit This Case Study Record

	Detecting Malicious Activity in Real Time Datadog

Detecting Malicious Activity in Real Time

Datadog

Technology Category	Analytics & Modeling - Real Time Analytics
Applicable Industries	Food & Beverage
Applicable Functions	Sales & Marketing
Use Cases	Fraud Detection
Services	Cybersecurity Services
Challenge	PedidosYa, a member of the Delivery Hero group, faced a challenge when the company introduced free food vouchers for new users. Users were creating several accounts from different IP addresses to receive multiple vouchers, but this behavior was difficult to pinpoint and prevent at scale. The team’s threat detection workflow at the time involved manually creating firewall detection rules for every domain they operate, which was grueling, time-consuming, and required lots of maintenance. As fraudulent activity increased, it became impossible to create individual rules for every IP address that needed to be blocked. This process led to a month-long delay in detection, which gave the malicious actors enough time to achieve their goal. Read More
About Customer	Founded in 2009, PedidosYa is a member of the Delivery Hero group and the market leader for online food ordering in Latin America. With an innovative web and mobile app, PedidosYa gives users access to 12,000 restaurants across six countries in the region. The company faced a challenge when it introduced free food vouchers for new users. Users were creating several accounts from different IP addresses to receive multiple vouchers, which was difficult to pinpoint and prevent at scale. Read More
Solution	PedidosYa selected Datadog because it offers customizable, out-of-the-box threat detection rules that facilitate comprehensive security analysis of malicious patterns across the entire tech stack. These flexible detection rules identify a wide range of attacker techniques in real time and are mapped to the MITRE ATT&CK framework. Datadog’s extensive tagging system allows users to group security signals in logical ways, such as by service, region, or IP address. This ability to group and visualize security data streamlines the threat detection process for complex systems, such as the one at PedidosYa. Datadog Security Monitoring also comes equipped with expert-built, out-of-the-box dashboards that provide overviews of all security-related data. Read More Log in to view content
Contents

Technology Category

Analytics & Modeling - Real Time Analytics

Applicable Industries

Food & Beverage

Applicable Functions

Sales & Marketing

Use Cases

Fraud Detection

Services

Cybersecurity Services

Challenge

PedidosYa, a member of the Delivery Hero group, faced a challenge when the company introduced free food vouchers for new users. Users were creating several accounts from different IP addresses to receive multiple vouchers, but this behavior was difficult to pinpoint and prevent at scale. The team’s threat detection workflow at the time involved manually creating firewall detection rules for every domain they operate, which was grueling, time-consuming, and required lots of maintenance. As fraudulent activity increased, it became impossible to create individual rules for every IP address that needed to be blocked. This process led to a month-long delay in detection, which gave the malicious actors enough time to achieve their goal.

About Customer

Founded in 2009, PedidosYa is a member of the Delivery Hero group and the market leader for online food ordering in Latin America. With an innovative web and mobile app, PedidosYa gives users access to 12,000 restaurants across six countries in the region. The company faced a challenge when it introduced free food vouchers for new users. Users were creating several accounts from different IP addresses to receive multiple vouchers, which was difficult to pinpoint and prevent at scale.

Solution

PedidosYa selected Datadog because it offers customizable, out-of-the-box threat detection rules that facilitate comprehensive security analysis of malicious patterns across the entire tech stack. These flexible detection rules identify a wide range of attacker techniques in real time and are mapped to the MITRE ATT&CK framework. Datadog’s extensive tagging system allows users to group security signals in logical ways, such as by service, region, or IP address. This ability to group and visualize security data streamlines the threat detection process for complex systems, such as the one at PedidosYa. Datadog Security Monitoring also comes equipped with expert-built, out-of-the-box dashboards that provide overviews of all security-related data.

Impact #1	Datadog played an important role in securing PedidosYa by detecting outliers and malicious patterns in real time.
Impact #2	The security team was able to create customized rules in our simple rules editor—without using a query language.
Impact #3	These rules require minimal setup and maintenance, and they also apply to all of PedidosYa’s domains automatically, which has dramatically accelerated their workflow.

Impact #1

Datadog played an important role in securing PedidosYa by detecting outliers and malicious patterns in real time.

Impact #2

The security team was able to create customized rules in our simple rules editor—without using a query language.

Impact #3

These rules require minimal setup and maintenance, and they also apply to all of PedidosYa’s domains automatically, which has dramatically accelerated their workflow.

Benefit #1	37,000 unique fraudulent users detected using Datadog Security Monitoring.
Benefit #2	Reduced Mean Time To Detection (MTTD).
Benefit #3	1 Month Time taken to build effective threat detection rules to automatically catch malicious activity across their application.

Benefit #1

37,000 unique fraudulent users detected using Datadog Security Monitoring.

Benefit #2

Reduced Mean Time To Detection (MTTD).

Benefit #3

1 Month Time taken to build effective threat detection rules to automatically catch malicious activity across their application.

Download PDF Version

Overview

Detecting Malicious Activity in Real Time

Operational Impact

Quantitative Benefit