- INDUSTRY :
Technology
- KEY PRODUCT:
WafCharm
COST SAVINGS
ROI
PROFESSIONAL
SERVICES COST
SECURITY SERVICE
Company Overview
coconala develops and operates Japan’s largest online skill marketplace, coconala, where over 3 million users can buy and sell their unique knowledge and skills. The platform offers a wide range of services, from creative work such as design, illustration, and video production to business support, marketing, beauty, and career consulting.
In addition, the company operates coconala Content market, a platform for buying and selling original digital content, as well as coconala Recruitment, an online job-matching service connecting businesses and talent.
The Challenge
Because its marketplace platform handles large volumes of personal and financial information, coconala implemented AWS WAF as part of its broader security measures.
However, with limited resources and multiple infrastructure responsibilities, the team was unable to fully leverage and optimize AWS WAF.
- Incident-driven operations: Due to resource constraints and competing priorities, AWS WAF rule configuration and ongoing tuning were not sufficiently prioritized. As a result, rule management tended to be reactive rather than proactively optimized.
- Demand for proactive security: The team recognized the need to move beyond relying solely on managed rules and adopt a more proactive approach, enabling faster responses to increasingly sophisticated and diverse threats.
The Solution
coconala chose WafCharm alongside AWS managed rules to establish a double-layered security framework and strengthen its proactive security posture.
- Layered threat protection: WafCharm blocks clear and high-risk threats such as SQL injection attempts and access from blacklisted IP addresses, while AWS managed rules help mitigate high-volume threats, including DDoS attacks and suspicious user-agent activity.
- Real-time and monthly reporting: By leveraging real-time and monthly reporting on blocked traffic, the team built a structured monitoring and analysis process, enabling them to anticipate, prepare for, and respond more effectively to future attacks.
The Results
WafCharm enabled coconala to shift from an incident-driven approach to a proactive security posture.
- Reduced manual operations: By implementing proactive security measures with WafCharm, the team significantly reduced the time spent responding to unexpected unauthorized access, cutting approximately 30 hours of manual response effort per month.
- Automated blacklist updates: WafCharm reduced the burden of manually identifying and blocking malicious IP addresses.
- Real-time Monitoring structure: WafCharm enabled a proactive security posture by establishing a real-time monitoring framework, allowing the team to quickly identify and respond to potential attacks. Together, AWS WAF and WafCharm block over 100,000 attacks per month.
- Increased visibility: The reporting functionality provided clear, actionable insights, making it easier to communicate security status and outcomes to the management team.
Conclusion
WafCharm enabled real-time monitoring of attacks and used AWS WAF to defend against approximately 100,000 attacks per month.
