We recently worked with a customer in the banking and trading business who had to deal with users complaining about being unable to make trades due to bad performance of our customer’s e-banking system. The first look at the available data made them assume they were under a Distributed Denial of Service (DDoS) attack; it almost triggered their emergency procedures including restarts of their platform, which would result in significant downtime. A closer look at the data captured by their application performance management (APM) solution revealed a different story: the business impact was caused by a technical implementation issue triggered by a single power user who executed a large number of transactions in a very short interval. This caused a performance problem with the entire platform, impacting all users. In this blog post we walk you through the steps this customer had to take and what data they needed to analyze the problem. We recount how they identified that the real root cause, which impacted their business, was not a malicious DDoS attack but of technical origin.