Service for comprehensive protection of websites and applications from cyberattacks, as well as for accelerating their performance
Creation Context
As experts in the field of information security, we had a clear understanding of the market: Russian businesses were left without quality website protection solutions. It is no longer possible to work with foreign services, and there is a shortage of worthy domestic alternatives
That's why we decided to create an all-in-one domestic service that addresses the key needs for protecting and accelerating web resources
Ban on foreign vendors: created a vacuum in the web resource protection market
Increase in cyberattacks: rising frequency and complexity of DDoS attacks and hacking attempts
Management complexity: existing solutions require deep technical knowledge
High cost: maintaining an in-house security team or purchasing expensive security solutions is inaccessible to many
Stage 1
Research and Analysis
To create a service of Cloudflare's caliber, but for the Russian market, we began not with code, but with in-depth research
We studied what global leaders in security are doing and combined that with an understanding of our business's needs
User Research
Method:
In-depth interviews with system engineers and administrators — the direct users of such services
Finding:
A single, intuitive control center with maximum process transparency is needed
Competitive Analysis
Analyzed 10+ domestic and foreign platforms along two key vectors:
1. Functionality Analysis:
• Module composition (WAF, AntiDDoS, CDN, DNS)
• Capabilities of each module
• Management and integration convenience
2. Pricing Policy Analysis:
• Package structure
• Pricing models (subscription, pay-per-traffic, one-time payment)
• Presence of hidden fees and limitations
Identified gaps in the market offering:
• Either a powerful but incredibly complex and expensive enterprise product
• Or a simple one with limited functionality, unsuitable for serious business
Our niche:
A powerful yet easy-to-use "all-in-one" service for small and medium businesses that scales to meet corporate-level challenges
Challenges
Feature Completeness vs MVP
How to filter out the noise and retain only the most critical functionality for the user in the first release, as defined by the research?
Complexity → Simplicity
How to translate the insights from the interviews into an intuitive interface where key settings are made in 3 clicks?
High Cost → Affordability
How to offer enterprise-level protection to mid-scale businesses without huge capital expenditures?
Unknown Threats
How to protect against not only known vulnerabilities but also zero-day attacks?
SheetsGPT
We have a successful product, SheetsGPT, which demonstrates our ability to create complex technological solutions with a simple interface
Stage 2
Focus and MVP Design
To avoid spending time and budget on developing unnecessary functionality, we started with rigorous prioritization
Feature Prioritization
From over 200 potential features, we selected only the most critical 40% for the MVP using the RICE method (Reach, Impact, Confidence, Effort)
Architecture Design
USM (User Story Map)
Visualized the entire product functionality on a single map, giving the team a complete understanding of the scope and enabling flexible priority management
Sitemap & Information Architecture
Built a clear section hierarchy, allowing users to intuitively find the necessary functions without training
User Flow (20+ scenarios)
Detailed every user step: from login to configuring resource protection. This helped eliminate interface "bottlenecks" even before the design phase began
Stage 3
Design and Visualization
We created not just a "beautiful" interface, but a thoughtfully designed security management system where every element is subordinate to logic and functionality
Design solutions are based on an analysis of user scenarios and data, not subjective preferences, ensuring efficient interaction with the service
/Branding
Naming concept
Basalt + Technology = Basaltek
Basalt is a durable volcanic rock symbolizing reliability and impenetrable protection, and technology is our tool for creating a "digital basalt" for business. This is a metaphor for protection born from the fire of innovation
Logo
An icosahedron — the complex crystalline structure of basalt—cleaved by a line of bright orange lava
2 logo variants:
Textual-Graphic
Graphic
Adapted for different media
Physical: brochures, business cards, roll-up banners
Digital: web, social media, presentations, etc.
Color Palette
Accent color – a color of energy and action
Primary background – creates depth and is associated with professionalism
Typography
For the logo – a geometric grotesque with a technological character
For the interface – the benchmark for readability on any screen
Illustration System
We created two complementary types of illustrations, executed in brand colors and united by a single style:
Functional illustrations – explain the functionality of sections, modules, and pages. They help users understand their purpose and essence
Abstract compositions – are used for user-connectable resources and pricing plans
Dark Theme
• Reduces visual strain during prolonged work
• Enhances the perception of data and color accents
• Creates focus on content
/Interface Design
Design System and UI Kit
We based our work on the ready-made Wedges library and customized it to fit our brand identity. This ensured consistency across all elements and reduced development time by 30%
At the outset, we defined:
• Colors
• Font size system and hierarchy
• Grid and spacing
• Border radii and effects
For unique components, we created a custom UI Kit
We prepared detailed guidelines for developers, which helped avoid misunderstandings and ensured precise adherence to the design
Wireframes
We created the "skeleton" of the future interface to test the logic and set priorities without being distracted by design
50+
Screens
Adaptability
All screens are adapted for mobile devices, as administrators often manage systems from their phones
Final Layouts
Based on the wireframes, we designed all screens, including corner cases, loading states, errors, empty pages, and screens with maximum data. This ensures the interface is user-friendly in any situation
20+
Scenarios
160+
Screens
Stage 4
Development
A scalable, fault-tolerant core has been architected to operate under high loads and sophisticated cyberattacks
Basaltek is a platform that addresses two key challenges: providing technological superiority for business and meeting regulatory requirements for working with the public sector
Architecture - FSD (Feature-Sliced Design)
Structured the code around business capabilities. This approach allows different teams to work on features simultaneously: while one team develops monitoring, another improves the WAF, accelerating the release of updates by 2-3 times
Technology Stack
Provides users with an instantly loading, seamless interface, which is critically important when a quick response to incidents is needed
/Backend
Microservices Architecture
Unlike a monolith where a failure in one module halts the entire system, we separated the logic into independent services. As a result, the system scales under any load and continues to operate even while individual components are being updated. Furthermore, this architecture adheres to the principle of functional separation required by FSTEC
Security
Secure communication channels and two-factor authentication comply with both modern standards and regulatory requirements for protection against unauthorized access
Platform for Operation and Observability
Containerization and Orchestration
Ensure automatic scaling to handle peak loads, fault tolerance, and immutable deployments. This guarantees version control and process repeatability
End-to-End Logging and Monitoring
Display the operation of system components in real-time and are essential for proactive incident resolution. They comply with FSTEC requirements for mandatory auditing and integrity control
Multi-Layered Protection System
Anti-DDoS Protection
Implemented at the L7 (Application Layer) level. The system automatically detects and blocks DDoS attacks, ensuring service availability. Complies with requirements for resilience to external influences
WAF Engine
Combines a positive security model for detecting unknown threats and a negative model for blocking known attacks. This protects against both unknown threats and standard vulnerabilities
Technology Stack
Ensures uninterrupted operation of all protection systems and instant threat processing even under extreme load conditions
Stage 5
Testing and Launch
We tested the service to guarantee operational stability and compliance with stated specifications before handing it over for operational use
Functional Testing
Verification of all user scenarios, from adding a resource to creating WAF rules. Ensures full operability of the advertised functionality and alignment of the interface with the system's actual capabilities
Result:
Created a unified "all-in-one" platform
Combined WAF, Anti-DDoS, CDN, DNS, AI protection, and monitoring in a single interface. The client does not need to purchase and configure 5 different services
Provided full control
Supplied tools for fine-tuning (whitelists/blacklists, geoblocking, rule builder, protection modules) with a simple and intuitive interface
Taught the system to "think"
Basaltek AI analyzes traffic, detects anomalies, and blocks unknown threats, continuously learning
Ensured speed through CDN
Clients' websites are not only protected but also load quickly
Reliability Confirmed by Regulators
The "Basaltek" service is currently undergoing the procedure to obtain FSTEC compliance certificates, as well as state registration as an information system. For business, this is a key advantage:
A Strategic Choice for the Public Sector
The ability to work with state-owned companies and budget-funded institutions
Compliance with Federal Law 152-FZ
A ready-made foundation for meeting personal data protection requirements
Maximum Reliability
A guarantee that the service has passed the most stringent security checks
Cost Savings
Reduction of expenses on IT security infrastructure and specialists. The cost of an in-house security team starts from 900,000 RUB/month vs. a Basaltek subscription
Revenue Protection
Prevention of losses from downtime, missed opportunities, and remediation costs (losses starting from 600,000 RUB/hour)
On-Premises Version
For installation within the company's internal network (perimeter)
Conclusion
Basaltek is a modern, multifunctional security platform that combines a powerful firewall, a DDoS protection system, intelligent threat analysis using AI, CDN, and DNS hosting
It is positioned as a simple yet effective solution for protecting and accelerating web resources, specifically designed to meet the needs of the Russian market in the context of import substitution
