Mitigating Denial of Wallet risks with Vercel

Vercel is building controls and anomaly detection to help defend against Denial of Wallet (DoW) attacks, which focus on draining a service's operational budget by exploiting cloud scalability. DoW attacks inflate resource consumption to inflict financial damage, unlike traditional cyberattacks that target code or infrastructure vulnerabilities. These attacks exploit auto-scaling applications by generating illegitimate requests while staying below rate-limiting thresholds, leading to unnecessary scaling of cloud resources and inflated service costs. Vercel's secure by default platform provides granular API rate limiting, a Web Application Firewall (WAF) to filter malicious traffic, real-time monitoring, and configurable spending limits to proactively manage costs, as well as advanced bot protection through behavioral analysis and challenge-based verification.