Better security and protection for Salesforce Commerce Cloud with Instart

Better security and protection for Salesforce Commerce Cloud with Instart

Salesforce Commerce Cloud (previously Demandware) is a fantastic cloud-based eCommerce platform that lets brands create amazing commerce-led experiences without having to build, deploy, and manage a legacy eCommerce platform in house. While the Commerce Cloud platform includes an embedded CDN, it only has basic web delivery and security capabilities — so pairing it with the Instart services provides for greatly improved performance, as well as end-to-end security to protect against the latest attacks on the web.

Don’t just take our word for it – we have a number of great brands that use Salesforce Commerce Cloud with our service to improve website performance and protect their sites and users, including Kate Spade, Uggs, Brooks Running, and PacSun.

In this post, we will discuss some of the advantages provided when pairing Salesforce Commerce Cloud with Instart.

Cloud only vs. unique client-cloud architecture

Traditional web delivery systems, including the embedded CDN in Commerce Cloud, use geographically-distributed delivery locations to keep copies of the static website components, such as images and code, coming from the Commerce Cloud closer to the end users. But being closer to end users geographically doesn't count for much when the website is actually running in the end user's browser on the other end of a slow wireless connection.

In addition, the system can only see and control code and content coming from the Salesforce Commerce Cloud. Nowadays, up to 50 percent of the content on a website is provided by third-party services, which leaves a big gap in the ability to provide comprehensive performance and protection.

Instart’s architecture employs a smart, geographically-distributed cloud service with a lightweight, but powerful, JavaScript client that runs in your customer’s browser. This allows us to extend our reach all the way to the endpoint, even across challenging wireless connections to provide advanced performance optimizations and protection for your entire website — including your third-party services. Our industry-unique architecture powers many of the capabilities described below.

Basic DDoS protection vs. full end-to-end website security

The Salesforce Commerce Cloud’s eCDN only provides basic DDoS protection and a limited web application firewall. It’s mainly designed to provide protection for the Salesforce back end rather than  each individual website on the platform. But when Commerce Cloud is paired with Instart services, customers get complete end-to-end protection from advanced Layer 7 DDoS attacks, the most common web attacks against commerce sites, third-party JavaScript vulnerabilities, and advanced automated bot attacks.

An ultra-low-latency WAF optimized for eCommerce

Our service includes a high performance, ultra-low-latency web application firewall optimized for online commerce. It has been battle tested for years on some of the largest eCommerce sites on the web, giving us deep experience and insight into the protection needed to survive in today’s threat ecosystem. As a result, our protection rules cover not just common web attacks, but also unique attacks we see everyday across the many eCommerce websites using Instart.

Layer 7 DDoS protection with sophisticated security analytics and closed-loop protection rules

To help protect sites against the growing number of sophisticated layer 7 (HTTPS) DDoS attacks, Instart provides detailed security analytics that provide a real-time view of attack activity on your site. This is then paired with a powerful workflow to quickly roll out security rules to monitor, block, or throttle DDoS and general attack traffic.

Sensitive data protection from third-party code

With the dramatic rise in attacks targeting sites using third-party code, such as form jacking and other data exfiltration attacks, on eCommerce sites, Instart is unique in its ability to put a shield of protection around web forms and cookies that contain sensitive user data such as credit cards, usernames, passwords, shipping information, and more. This ensures only your code or specifically defined trusted third-party services have access to the most sensitive data that your customers share.

Advanced bot protection

Our unique client-cloud architecture allows our service to manage the full spectrum of bots — letting the good ones through, ensuring low-value ones don’t impact site performance, and blocking the bad ones from getting access. Our intelligent cloud and its powerful client use sophisticated behaviour analysis, along with browser environment fingerprinting, to accurately identify even the most sophisticated bots and stop them from breaking into your user accounts, locking up limited inventory, or stealing  from your customers' gift and credit cards.

Advanced web performance for your entire web experience

The embedded CDN in Commerce Cloud only provides basic caching (storing copies of images and code closer to the end user). Comparatively, Instart has a deep understanding of the code and content flowing through it. This allows us to provide much more advanced web performance capabilities that dramatically improve the speed of your Salesforce Commerce Cloud-powered website, including user engagement and conversions.

Image optimization

Our sophisticated image optimization system combines cutting-edge computer vision technology with endpoint device awareness to reduce the data transfer for images without impacting the quality of the visual experience. This allows you to continue using rich product imagery without slowing down your web experience.

Personalized experience acceleration

Our system contains a suite of features that accelerate personalized web pages. While the Commerce Cloud CDN can’t improve performance for these types of pages, Instart learns which portions of the HTML code are the same across all users and intelligently serves those immediately when a visitor makes a dynamic page request. We are then able to coordinate with the Commerce Cloud to deliver the personalized elements of the page as fast as possible. This gives customers the freedom to increase increase personalization on their sites without affecting web performance.

JavaScript Streaming

JavaScript helps enable app-like, engaging experiences on the web, but unfortunately it can also negatively impact performance, especially on mobile devices. Our JavaScript Streaming technology monitors the JavaScript execution patterns on your specific site and learns which code actually gets used. This enables Instart to only send exactly what’s needed to your customer’s web experience —  reducing code download and execution times. On average, Instart reduces JavaScript code sent to your end users by 40 percent!

Third-party service performance and control

As we mentioned before, half of the code and content on a website today is provided by third-party services. That’s why having visibility and control over them has become critical. Instart provides a rich set of controls to stop unreliable, or malfunctioning, services at runtime and resequence slow services until after the web page loads to ensure the fastest site performance possible.

A complete end-to-end solution for protection and performance

Take your Salesforce Commerce Cloud to the next level with Instart. When you combine Commerce Cloud and Instart together, your business will benefit from a powerful set of protection and performance capabilities that go beyond the basics of the embedded CDN. Salesforce understands customers often look for more sophisticated options and has made it easy to enable an external cloud web performance and protection service with Commerce Cloud. We can walk you through the simple integration process in minutes.

If you want to find out more about how Instart can help protect and accelerate your Commerce Cloud deployment, please get in touch with our team here.