Salesforce (SFCC)

At Netacea we understand bot behavior better than anyone else, thanks to a pioneering server-side approach to bot management.

Our out-of-the-box Salesforce Commerce Cartridge ensures comprehensive coverage against malicious bots across your website, mobile app and APIs without detriment to your website infrastructure, reliance on hardware or disruptive code changes.

We quickly distinguish automated threat activity including credential stuffing, scraping, carding and inventory hoarding from humans, to prioritize genuine users, with our team of experts and revolutionary, machine learning powered Intent Analytics™ engine at the heart of the solution.

Request Flow

When a visitor first hits a site protected by Netacea/Salesforce, the cartridge will query the Netacea Protector API service. If the visitor is known to be malicious, the plugin will perform the appropriate mitigation action.

A cookie containing information about the validity of a user is placed on the client’s device for further identification and checked periodically for validity. The cartridge will stream log data on the visitor and session to the Netacea Monitor Ingest Service where Netacea’s Detection Engine will perform further analysis to confirm if they are a good actor. If at any point the visitor’s activity becomes malicious the Netacea Protector API service will be updated and the cartridge will perform the appropriate mitigation.

The diagram below and supporting notes explains how traffic flows in this implementation (at a high level:

1. The visitor requests the site protected by Netacea.

2. The Netacea Salesforce Cartridge will query the Netacea Protector API service to check if the visitor is known to be malicious or safe.

3. A copy of the web request is sent as log data for analysis using our collective threat intelligence, machine learning and behavioral analysis to determine if the request is safe.

4. Analysis results are published for the Netacea Salesforce Cartridge to read and determine what mitigation strategy should be used for this traffic.

5. If the requests are benign, they are passed to the origin as normal.

6. If the requests require a mitigation to take place, the appropriate action is taken and served to the client.

Availability and Fail open

Netacea services are based on a high-availability infrastructure and have 99.9% uptime. If the Netacea endpoints go down, the Netacea cartridge will not block your requests and it will not degrade or break your page in any way. Customer navigation of the website will not be affected.