Challenge
Every month, millions of consumers across South America rely on Dafiti’s platform to purchase fashion products aligned with their personal styles. In 2020 alone, the company reached a customer base of 7.7 million users, representing a 31% increase compared to the previous year.
Ensuring that such a large digital ecosystem remains highly available and secure for customers across multiple countries is a major operational challenge. At the same time, protecting financial transactions and complying with regulations such as PCI DSS adds additional complexity to the platform’s security requirements.
Attack techniques such as credential stuffing and phishing also represent significant risks for platforms processing millions of transactions every year. According to a report from Axur, more than 2.8 million credit cards were exposed across the surface, deep, and dark web, with Brazil accounting for the largest number of leaks.
In this environment marked by sophisticated cyber threats, zero-day vulnerabilities, and strict compliance requirements in the retail sector, Dafiti needed a security solution capable of strengthening its defense posture and protecting both its digital ecosystem and user data.
Solution
Dafiti partnered with Azion to improve both the performance and security of its e-commerce platform. To achieve this, the company adopted the security capabilities of Azion Platform, combining distributed firewall protection and observability.
Using Azion’s Firewall and its modules Network Shield, Web Application Firewall (WAF), and DDoS protection, Dafiti enhanced access control across its domains — including the Kanui and Tricae stores — through:
- advanced firewall rules to protect web applications, mobile applications, and APIs using request parameters and block lists;
- mitigation of sophisticated DDoS attacks targeting network and application layers, with the ability to absorb high-volume traffic spikes;
- scoring algorithms designed to reduce false positives while identifying emerging and sophisticated threats.
As part of evolving its zero-trust security model, Dafiti also implemented Azion Data Streaming to collect WAF and security events in real time. These events are sent to analytical platforms and SIEM systems, providing deeper visibility and faster incident response.
Results and Impacts
After an implementation process that took only three days — completed without interruptions and supported by Azion engineers — Dafiti configured firewall policies protecting APIs, container clusters, websites, mobile applications, and payment systems.
This flexibility in access control allowed the company to comply with important regulatory requirements such as PCI DSS while increasing protection for customer credit card data and credentials.
One of the main impacts of adopting Azion’s Firewall was the simplification of security operations. Through automated WAF rule sets, millions of threats are now blocked automatically, enabling Dafiti’s cybersecurity team to focus on higher-value strategic tasks that require human expertise.
About Dafiti
Founded in 2011, Dafiti is a fashion e-commerce platform focused on transforming how people purchase clothing and accessories online and reshaping the digital fashion ecosystem. The company offers a portfolio of more than 400,000 products from over 6,000 brands, serving a wide range of consumer styles and preferences.
Dafiti Group is one of the leading players in Brazil’s fashion industry and operates across Argentina, Brazil, Chile, and Colombia. In addition to the Dafiti brand, the group also manages the Kanui and Tricae platforms.
Since 2014, Dafiti has been part of Global Fashion Group, a leading international network of fashion e-commerce companies operating in multiple emerging markets worldwide.