In this talk, we'll build a gatekeeper to your website. Our fraud detection system will target various types of malicious activities, such as account takeover, parameter tampering, forbidden access and more. We'll try to identify potential attacks and react to them in near real-time. Addressing this problem in a classical batch fashion will result with a complex, non-scalable nor real-time solution. We'll adjust our clumsy implementation to a modern, stream processing windowed-aggregation, use Kafka Streams as our streaming framework, and end up with a beautiful, clean and maintainable code.