
How Sophos scales backend API performance testing across teams with Gatling Enterprise

Decentralized testing across distributed teams

About the company

Sophos is a global leader in cybersecurity, providing advanced protection for millions of users across cloud-native infrastructure. Their platform relies heavily on backend APIs and microservices, requiring consistent validation of response times and scalability under pressure.

In modern cloud systems, inefficient services drive costs up. Sophos uses Gatling to identify performance bottlenecks early, reduce unnecessary resource usage, and ensure every service meets its SLA without waste. 


Statistics

  • Industry: Cybersecurity and cloud software
  • Primary focus: Cloud-native application security & APIs
  • Using Gatling since: 2017
  • Main testing scope: Backend API performance and load testing
  • Approach: Decentralized (team-owned testing)
  • Monitoring priorities: SLA/SLO alignment, response time, resource use
  • Test frequency: Continuous, team-dependent
  • CI/CD integration: Ad hoc; managed by teams directly

Why they needed Gatling

Sophos adopted Gatling to democratize performance testing across decentralized teams, enabling visibility, reusability, and cost-aware development.

At Sophos, the shift to microservices brought new challenges: how to test a growing number of backend APIs efficiently, consistently, and at scale.

Each team needed to validate the performance of their services under realistic load, all without depending on centralized QA or dedicated performance engineers.

With cloud-native architecture, performance wasn’t just about speed—it directly impacted cost, scalability, and user experience.

  • Backend services needed to meet strict SLAs set by product management
  • Resource efficiency in cloud deployments directly impacted budget
  • Teams required a tool that was lightweight, scriptable, and repeatable
  • Performance needed to be validated at feature level—not just at launch
  • Consistency and transparency in test results were critical

Challenges: Cost, consistency, and ownership

For Sophos, performance testing isn’t centralized. Each microservice team is responsible for testing their APIs against business-defined SLAs. Product management defines acceptable response times, and teams must validate their service performance during development.

Crucially, teams needed autonomy. Gatling’s script-based approach and intuitive UI enabled developers to design and run their own tests, reusing simulations across teams and services. This self-service model reduced bottlenecks and fostered a culture of performance ownership.

At the same time, leadership needed visibility across the organization. Gatling Enterprise’s dashboards, reporting features, and API integrations gave stakeholders real-time insight into system performance. Teams could compare test results over time, track regressions, and align on shared service-level objectives.

Gatling plays a central role in this shift-left strategy, enabling developers to:

  • Design and own performance test plans
  • Validate against SLAs before deployment
  • Avoid the risk of downstream regressions
  • Ensure their services don’t overconsume cloud resources

The tool is preferred across teams because of its developer-friendly scripting, repeatability, and visual dashboards. With multiple active simulations across services, teams test with low, medium, and high data volumes—allowing performance comparisons in realistic environments.

What they achieved with Gatling Enterprise

To meet these demands, Sophos adopted Gatling Enterprise as their performance testing platform. Load testing became a proactive part of development, helping teams detect resource-heavy behavior before it reached production.

Tests were designed not only to verify SLAs but also to optimize cloud resource consumption, ensuring services scaled effectively without over-provisioning.

  • Enabled teams to run repeatable, self-service tests without bottlenecks
  • Created distributed ownership of performance—each team owns its metrics
  • Reduced cloud resource waste by identifying inefficient endpoints
  • Centralized visibility on test results via Gatling UI
  • Established internal guidelines and best practices for test planning
  • Ran structured load tests with varying data volumes and environments

Solution: Structured, scalable, and cost-efficient testing

Gatling has grown into the default tool for performance testing at Sophos. Unlike legacy tools that demanded expert setup and maintenance, Gatling offered a developer-friendly SDK, fast test iteration, and repeatability.

The result: a lightweight yet powerful platform that supports both the speed of development and the rigor of performance engineering.

The platform's flexibility and reusability make it well-suited for a microservices environment, where:

  • Performance ownership is distributed
  • Test design varies by service
  • The cost of poor performance is high

What Sophos says

“One reason we chose Gatling was how easy it is to re-run tests. I also really appreciate having the results directly available in the UI; it makes it easy to share insights.”
Hemali, Senior Manager, Software Development, Sophos

The result: Fewer surprises, more confidence

  • Empowered every team to define and meet their own SLOs
  • Reduced infrastructure waste by identifying costly services early
  • Made performance results visible to both tech and product stakeholders
  • Encouraged reusability of test scripts across features and services
  • Gained executive buy-in by showcasing measurable improvements

What’s next for Sophos

Sophos continues to push the envelope in scalable, secure software. With Gatling Enterprise, they’ve built a performance culture grounded in autonomy, accountability, and measurable cost control.

  • Integrate Gatling insights into their tool stack to give product and engineering teams greater visibility into how performance impacts SLAs
  • Promote a testing-first culture by expanding regular performance testing across more services and development teams
  • Define performance thresholds to support smarter release decisions, with benchmark-based gating and early warning systems