Detectify addresses the challenge of safely conducting high-volume security tests on customer systems by implementing a custom-built global rate limiter to prevent server overloads. This rate limiter operates using a blocking token bucket algorithm, which controls the flow of requests by maintaining a refillable "bucket" of tokens for each target, denying requests when the bucket is empty. The system is designed to handle a high throughput with low latency, utilizing Redis for its single-threaded operation and atomic execution capabilities. Despite evaluating existing rate-limiting tools, Detectify developed its own solution to meet specific requirements, such as dynamic individual target configurations. This implementation enables the company to safely scale its security testing efforts, ensuring customer systems are not overwhelmed while maintaining robust security testing capabilities. The solution has proven effective, managing up to 40,000 requests per second with minimal latency and error rates, and creatively logs bucket refills to monitor request limits without incurring excessive costs.