This case study describes how Poshmark addressed a surge in automated account takeover attacks driven by credential stuffing as its marketplace rapidly grew. Attacks targeted both web and API applications, and existing CAPTCHA-based defenses disrupted legitimate users and increased friction during login and signup. To balance security and user experience, Poshmark deployed the Cequence Unified API Protection platform on AWS. The solution enabled real-time, inline blocking of malicious bot traffic before it reached applications, while significantly reducing reliance on CAPTCHA challenges. As a result, Poshmark reduced CAPTCHA usage by over 99 percent, blocked more than 609,000 attempted ATO attacks, improved platform reliability and scalability during peak events, preserved marketplace inte

Join for free to read