Code Room
System designHardsd-g677
Subject SecurityLevel Senior–Staff~45 minCommon in Security · Networking & APIs · Reliability & on-call interviewsIndustries Technology

Question

Design an edge bot- and abuse-detection system for a global CDN/web platform serving 5M req/s across 250 PoPs. It must score every request in under 1ms of added p99 latency, block credential-stuffing, scraping, and L7 DDoS, and adapt to new attack patterns within minutes. Threat model: distributed residential-proxy botnets that rotate IPs, mimic real browsers, and stay under any single-IP rate limit. You may emit a JS/TLS-fingerprint challenge but must keep human friction near zero. Walk through detection signals, where decisions are made (edge vs central), and how models are trained and pushed.

What a strong answer looks like

Clarify scale and constraints first. Propose a clean component breakdown, then go deep on the hard parts — data model, bottlenecks, consistency, failure modes — and name the trade-offs you are making.

Narrate your design
Loading whiteboard…
Run or narrate your approach, then ask the coach.