Just as the military performs exercises to know how to operate before ever reaching the real battlefield, so do cybersecurity professionals. Built to handle more than 35TB of data at peak times, Netflix is not a likely target of a typical DDoS attack. But, it still needed to look at potential areas of vulnerability. By finding an uncommon way to bring down its network, it was able to better prepare its defense and create a good example for others to follow, as well.
Key to Netflix strategy was a focus on prevention. The company zeroed in on its API gateway, which is the intersection between the internet and a host of services. By stepping up its monitoring of middle-tier and backend service traffic, it could better understand behavior patterns