Imperva

DigiCert, a provider of scalable TLS/SSL and PKI solutions, was facing challenges in securing their AWS environment. They were already using Imperva’s SaaS Web Application Firewall (WAF) to protect their on-premises applications, but their existing DDoS mitigation solution on AWS was not satisfactory. The solution was excessively scrubbing traffic and blocking legitimate traffic. As DigiCert's business is subjected to daily attacks, they needed a robust security solution that could manage risk, monitor all traffic, rapidly identify threats, and only allow valid traffic to access their applications. They wanted a solution from a single provider that could deliver both WAF protection and DDoS mitigation across their entire hybrid environment. The solution also needed to lower false positives, assure rapid response to minimize potential business interruption, and automate as much of the security process as possible due to time and resource constraints.

The customer, a leading global IT services provider, was seeking to enhance its security credentials to win a lucrative contract with a major North American financial institution. The challenge was to restrict access to sensitive data and improve the protection of customer information. The customer also needed to comply with consultant security policies in training, development, and testing environments, and establish greater controls for alternative development opportunities like offshore initiatives. Furthermore, the financial institution required a solution that could achieve secure, realistic data reproduction and integrated masking across multiple database types and applications.

DigiCert, a leading provider of scalable identity and encryption solutions, was already using Imperva’s SaaS Web Application Firewall (WAF) to protect their on-premises applications when they began migrating some of their workloads to Amazon Web Services (AWS). However, they were not satisfied with their existing DDoS mitigation solution on AWS, as it excessively scrubbed traffic and often blocked legitimate traffic. As DigiCert's usage of AWS grew, they realized the need for a new security solution that could manage risk, monitor all traffic, rapidly identify threats, and only allow valid traffic to access their applications. They wanted a solution from a single provider that could deliver both WAF protection and DDoS mitigation across their entire hybrid environment. The solution also needed to lower false positives, assure rapid response to minimize potential business interruption, and automate as much of the security process as possible due to time and resource constraints.

A leading bank in the Asia-Pacific region was faced with the challenge of meeting the Internet Banking Technology Risk Management (IBTRM) requirements. These requirements necessitated the bank to closely supervise and log database activities performed by privileged users. The bank operates over 1500 mission-critical databases, distributed across seven different nations, making it crucial to deploy a solution that can scale to monitor and audit all databases, in all locations. Centralized management was key for enforcement, efficient management, and on-going maintenance. The bank was also concerned about the impact a monitoring solution would have on database performance, hence needed to ensure a low impact solution that would not compromise the availability of its financial systems. IBTRM also required the bank to limit privileged access based on “need-to-know.” Reviewing and managing access privileges across 1500 databases mandated the bank to implement an automated solution for aggregating and analyzing access privileges. For enforcing configuration policies and patch levels the bank needed a quick, automated way to scan databases, find misconfigurations and identify missing patches. Lastly, the bank needed to ensure proper incident management and response.

Frontier Airlines, a low-cost air carrier, was facing a significant challenge with its online booking engine. The company noticed a higher than expected look-to-book ratio, indicating that many website visitors were viewing flights but not making purchases. Upon further investigation, it was discovered that 50 to 60% of the traffic was not legitimate but was generated by bot operators scraping pricing data and artificially inflating the look-to-book ratio. This influx of bots not only skewed Frontier’s ratio but also resulted in potentially large overage fees as the company partners with a third-party reservation system that requires it to meet a certain look-to-book ratio. Additionally, the bot visits skewed site analytics, hindering the company’s ability to optimize the customer journey and maximize both revenue and customer experience. Frontier’s previous attempts to combat bots, such as manual IP blocking, proved to be time-consuming and ineffective as bot sophistication had dramatically increased.

Datalex, a leading provider of a unified Digital Commerce Platform, was facing a significant challenge with bad actors scraping their customers' sites. This activity was diminishing SEO, luring away upsell and cross-sell opportunities, and increasing Global Distribution System (GDS) API pull costs. The travel industry, in which Datalex operates, is particularly vulnerable to such activities due to the valuable data available on their sites. Persistent scrapers were stealing content from travel sites, posting it on their own sites, and monitoring fare prices to undercut with lower fare offerings. One of Datalex's airline customers was being bombarded with deep-digging attacks, driving up backend payment costs. Even smaller customer sites were hit by bots multiple times a day, slowing them down or even taking them offline. Datalex had been using an anti-bot solution from F5 Networks, but it was proving ineffective in distinguishing good bots from bad ones and was burdensome to manage.

A leading North American life insurance company was grappling with the challenge of managing serious risks and ensuring compliance with regulatory standards. The company was struggling with the manual process of compliance proof and reporting, which was not only time-consuming but also prone to errors. The lack of automation in their processes was leading to inefficiencies and increased operational costs. The company was also unable to achieve 100% coverage of regulated data, which posed a significant risk to their operations. The challenge was to find a solution that could automate these processes, reduce expenses, and ensure comprehensive coverage of regulated data.

The healthcare organization, one of the largest nonprofit healthcare systems in the country, was faced with the challenge of protecting vast amounts of patient data. With over 400,000 people in the health system, the organization had to manage a sprawling environment that spanned structured data, unstructured data, and data stored in the cloud. The organization had to balance the clinicians’ needs for on-demand access to patient data against the risk of a data breach. In 2016, the organization embarked on a multiyear project to enhance the protection of patient data across the organization. However, a data security incident early in the project forced the organization to reevaluate its priorities.

TicketNetwork, a rapidly growing online ticket exchange platform, faced significant security challenges due to the nature of its business. The company, which facilitates transactions for third-party ticket sellers and buyers, is a prime target for hackers due to the high volume of credit card transactions it processes. As a Level 1 Service Provider, maintaining PCI compliance was a major corporate initiative for TicketNetwork. Despite not having experienced any data breaches, the company was keen to ensure that its security measures were robust and effective. Additionally, the company needed a solution that could handle massive traffic, block malicious IP addresses, and be deployed quickly for immediate compliance and security.

The customer, a major US Financial Services Provider, part of a Global Fortune 500 Company, was facing several challenges in securing its trading environment. The company needed clear visibility into its database traffic to monitor activity and identify risks. It was crucial to secure customer data and transactions within the online trading environment. The company also needed to ensure the high performance and availability of the database and services that actively support online trading processes. The company was also looking to automate compliance and reporting capabilities for regulatory standards such as GLBA, HIPAA, HiTECH, FISMA, SCC, SOX, ISO 27001 and the NIST Cybersecurity Framework. Protecting sensitive customer and trading information from insider abuse was another challenge. The company also needed to control access to cloud apps and confidential client information, including rich policy enforcement and IP address whitelisting. Lastly, the company needed to prevent DDoS / DNS attacks from compromising the client website.

A leading job site was facing several challenges due to unwanted bot activity on their platform. The site was being crawled by malicious bots, which were distorting web metrics and compromising the integrity of the site's traffic. This was particularly problematic as the site operates as an advertising platform for employers, making accurate traffic metrics crucial. The site's existing solutions, including a homegrown solution and utilities from their CDN, were only able to reactively block bots, not proactively prevent them. This meant that the team was unable to identify and block bots before they became a problem. Additionally, the unwanted bot traffic was consuming resources, driving up infrastructure costs, and negatively impacting the site's performance. The engineering team was also concerned about potential data theft by bots, and wanted to ensure they had complete control over their data.

e-Travel, a leading e-commerce travel specialist, was facing a significant challenge with web scraping bots. These bots, deployed by competitors and new entrants in the travel industry, were stealing e-Travel's data, including pricing information, and selling it to other competitors or auctioning it. This data theft was not only compromising the integrity of e-Travel's data but also straining its team and technical resources. The bots were scraping the sites so frequently that it was affecting the company's service quality. The company had to deploy additional resources to meet the bot demand, which was proving to be expensive. Additionally, the bots were skewing the company's look-to-book ratios and inflating advertising and GDS pull costs. The company's homegrown solution, 'Bot Hammer', was unable to keep up with the bots, and the bot problem persisted. In 2017, the company also faced a few denial of service attacks, adding to its operational challenges.

WMPH Vacations, a travel company specializing in cruise and resort vacations, was facing significant challenges with its network of 30 websites. The company's websites were under constant attack from hackers, competitors, unauthorized aggregators, and other malicious actors. The security threats included near-constant SQL injection attempts, aggressive price scraping, unauthorized vulnerability scanning, and spam. The form spam was particularly problematic as it polluted the company's backend systems, requiring managers to manually sift through forms to remove spam. Despite implementing CAPTCHAs and creating filters, these techniques proved ineffective and required constant maintenance. Additionally, web scraping was negatively impacting site performance, slowing response times, and affecting customer service and transactions with partners. The company was using AWS ELB to manually block IPs, but this was a never-ending task due to bot operators changing and masking IPs.

The European-based company, one of the largest prepared-food delivery chains on the continent, was facing a significant challenge in 2014. Cyberattacks on the company’s website were increasing in frequency and severity, leading to customer complaints and potentially damaging the company's reputation and market position. The company needed a solution to block the harmful traffic that was negatively impacting the customer ordering experience, while ensuring that legitimate eCommerce traffic continued to reach the website. The challenge was not only to protect the company's digital assets but also to maintain a seamless and efficient customer experience. The situation was further exacerbated during the pandemic, with an increase in food delivery orders and a simultaneous surge in cyberattacks.

LeoVegas, a rapidly growing mobile gaming company, was committed to creating the ultimate mobile gaming experience for its players. This commitment involved ongoing efforts to improve the security, availability, and performance of its website, which directly impacted the company's bottom line. A key business requirement was reducing the risk of a DDoS attack against the website, a prevalent issue in the gaming industry often initiated by disgruntled players. Although LeoVegas had not yet been targeted, the company believed it was only a matter of time given its growth and industry position. To protect against service disruption, LeoVegas sought an always-on DDoS mitigation solution that would not add latency to overall website performance. As the company expanded into more countries and markets, regulatory compliance became a top concern. Each country required more audits and had different compliance issues that needed to be addressed. LeoVegas required a security solution that could support automated compliance reports and meet PCI-level standards. Additionally, the company sought a solution that could provide better visibility into its website traffic for marketing purposes.

A global computer technology company was facing significant challenges in meeting the criteria for various regulations including the Sarbanes–Oxley Act (SOX), Payment Card Industry Data Security Standard (PCI-DSS), and Statement on Auditing Standards No. 70 (SAS 70). The company was using IBM Guardium to secure their databases, but the high cost of ownership and operational inefficiencies were proving to be a major hurdle. The company was unable to expand their IBM Guardium deployment beyond the 500 databases it covered due to the overwhelming amount of labor required. This left some critical databases unmonitored, introducing compliance and security risks. The high labor cost was mainly due to Guardium’s architecture deficiencies, which required a large number of virtual appliances to cover the company’s 500 databases. The volume of virtual appliances made the deployment complicated and costly to operate. Furthermore, Guardium’s integration with the company’s Remedy change ticketing and workflow system was cumbersome, and presented many challenges.

SOKA-BAU, a German company providing benefits, compensation, and pension insurance services for 70,000 construction companies, faced a significant challenge in their digital transformation journey. They aimed to provide self-service web applications to their customers and covered employees, which meant exposing their applications to the Internet. However, before they could enable online self-service, they needed to ensure that the sensitive compensation and financial information in their backend databases was completely secure from unauthorized access. The security solution also had to stand up to the scale and availability rigors required from an application with over 650,000 end users. Adding to the challenge was the heterogeneous environment, including database and application server products from several leading vendors, running both custom and packaged applications.

Accor North America, a Dallas-based hotel company operating more than 1,200 hotels, was facing a significant challenge with its online reservations system. Despite having multiple layers of defense, including Secure Sockets Layer (SSL) encryption, the company was concerned about the potential for SSL to be exploited by malicious hackers. SSL, while excellent for protecting consumer information, could also provide a cover for hackers trying to infiltrate the system. More than half of Accor's reservations were made through the web, making the security of this system crucial. The company had an intrusion-prevention system and a perimeter firewall in place, along with standard server hardening techniques. However, the potential vulnerability of the SSL tunnel was a significant concern.

Betfred, the 4th largest bookmaker in the UK, was facing a significant proportion of bad bot traffic on its domains, with the volume of bad bots reaching as high as 87% of all web traffic. This was causing a strain on the IT team and wasting bandwidth and infrastructure resources. The company was also dealing with a high frequency of account takeover attacks, with up to 30 brute force credential stuffing attacks on login pages in a month. The backend systems were constantly busy, and the CPU utilization of their IPS/IDS was around 40% dealing with normal traffic. The company also faced issues with inconsistent mitigation strategies, stretched thin team resources, aggressive unauthorized scraping of betting odds, and vulnerability scans looking for weaknesses. The bot problem was one that Betfred tried to tackle internally, using other tools like their DDoS, WAF and IPS/IDS. But soon realized those tools were not built to deal with sophisticated bot operators who could easily circumvent traditional security solutions.

One of the world’s top 100 Universities, with a presence on four continents, was facing challenges with its network security controls and visibility to protect its assets. The University's expanding database and the changing landscape of external threats had pushed its network security controls to the limit of acceptable risk mitigation. The University was keen on attaining the ISO27001 certification for a small subset of clinical registries, which further emphasized the need to enhance network security. The University needed to protect web applications in multiple cloud environments and support WAF on the Microsoft Azure Platform, while maintaining an on-premises footprint for legacy applications. The solution had to be cloud and on-premise, multi-cloud provider, SaaS, with timely delivery and speed of execution, and cause minimal disruption to the business and end users during deployment.

The North American insurance company, with a history of 150 years, was facing a significant shift in its security strategy. As the company grew, so did the pressures of regulations and customer expectations, leading to a shift from compliance to security use cases. The company's customers were increasingly considering their own potential risks when determining what insurance services to use. This, combined with the added complexity of regulations such as GDPR, CCPA, and NYFDS, and the very visible data breaches in the news, made it critical for the company to stay ahead of it. The company was using IBM Guardium™ Database Activity Monitoring (DAM) for data compliance and governance. However, the new security emphasis created a significant focus on proactively managing the detection and prevention of unauthorized activities around sensitive data. This led to a re-evaluation of the IBM Guardium™ tool for its data security potential. The company needed a solution that could cover additional databases that Guardium™ did not support, eliminate the manual labor that traditionally comes with security incident response, and provide easy access to long-term audit information for reporting and forensic investigation.

One of Europe’s largest independent online beauty retailers was facing a serious issue with web scraping. The retailer suspected that its competitors were using advanced bots to scrape pricing and inventory data from its website, allowing them to match prices and products quickly. The retailer noticed that a lot of its traffic was not from real users but from competitors spying on them. The reaction time to changes made on their website was too quick to be human, indicating the use of bots. The retailer's solutions developer found a lot of bot traffic on the site, some of which could be traced back to the static IP of their competitors’ offices. Initially, the retailer tried to block the bad bots manually, but this turned into an endless game of whack-a-mole as the bots started spoofing the headers and it became difficult to determine whether an address was genuine or not. The task became more and more time-consuming, and soon they were spending a day and a half every week checking for bots.

StubHub, a leading ticket marketplace, was facing a series of challenges due to the activities of malicious bots. These bots were scraping pricing and inventory data from StubHub's website, selling this proprietary information to competitors, and reposting it on other platforms. This not only led to StubHub's pricing being undercut but also resulted in the theft and misuse of customer accounts. The problem was further exacerbated by the availability of stolen login information and password reuse, which facilitated account takeovers leading to buyer and seller fraud. Additionally, StubHub's site was under constant attack from Advanced Persistent Bots (APBs) that could imitate human-like interactions and blend in with human traffic. These bots were causing a significant increase in site traffic, leading to skewed analytics and artificially low conversion rates.

Smallpdf, a Swiss company providing online PDF tools, faced a significant challenge in protecting its over a billion user accounts from sophisticated bot-driven brute force credential stuffing attacks. These attacks were not only a threat to the sensitive data held in user accounts but also posed a risk to the company's infrastructure. The brute force attacks could potentially impact website performance, causing slowdowns and disruptions for legitimate users. The company's security team was consistently dealing with large-scale botnets targeting their website, which could compromise user accounts if not effectively mitigated. The need to protect their users and maintain the performance of their authentication service was a top priority for Smallpdf.

Brock University, a leading Canadian institution, was facing a significant challenge with its IT infrastructure. The university's mainframe, proprietary database was no longer capable of supporting its online programs and corresponding web-based applications. As the university planned to move from its proprietary mainframe database to a Microsoft SQL Server environment, it was concerned about the protection of its applications and data. The new environment would support a wide array of homegrown, web-based front-end applications, including student self-service applications, administration, finance, and business applications. The university was also concerned about protecting its database against new vulnerabilities that could be introduced over time. Furthermore, the combination of its custom web applications, thousands of users, and database conversion project was going to present a significant number of opportunities for insider threats and external attacks. Given the magnitude of the conversion project and its limited IT resources, Brock wanted a solution that was easy to implement and didn't require a lot of manual tuning.

The organization, a leader in the property and casualty insurance industry, was grappling with the challenge of scaling data discovery across millions of data records. They were also tasked with monitoring hundreds of databases and fulfilling numerous data owner requests every week. The existing manual processes were time-consuming and inefficient, often taking up to four weeks to complete a single data inventory task. The organization was also struggling with managing data owner requests without expanding their staff. Additionally, the audit reporting process was cumbersome and inefficient, leading to a significant amount of time being spent on audit documentation.

A Real Estate service business was in the process of rapidly deploying Amazon RDS databases to enhance its operations. However, this swift transition posed a significant challenge for the company's audit team. They were required to keep pace with the rapid deployment and ensure that all the databases were compliant with the necessary regulations. The team was also under pressure to prepare for an audit that was scheduled in just 60 days. The challenge was to find a solution that could provide rapid coverage of the 8 RDS instances, automatically discover and classify sensitive data, and establish and retain an audit and forensic trail for all database activity.

National Bankcard Services (NBS) provides custom processing solutions for petroleum and convenience store markets, including an online service for retailers to offer various payment options. As part of its operations, NBS enables its customers to track sales from payment card usage through an online portal. To maintain its reputation, NBS must ensure that the sales and related private corporate information of their customers is protected from unauthorized access and data theft. The company was previously performing code reviews and manual code fixes for its web applications, a process that was both time-consuming and prone to human error. NBS needed to comply with PCI 6.6 to protect the online portal from all types of application threats. However, with a small IT staff, the solution needed to be easy to configure and maintain.

vli Limited, a UK-based company that develops and manages innovative web-based solutions, faced a significant challenge in securing its hosted web application platforms. With a customer base of around 100, all of vli’s servers were co-hosted at a data centre operated by a third-party provider. While managed firewalls were already deployed at the data centre, vli had not yet implemented a Web application firewall solution. The company was particularly concerned about SQL injection, a common form of automated application attack that could potentially pose a significant threat to their critical infrastructure. The company's expansion plan for 2009, which involved aggressively targeting the SME market and increasing the number of platforms hosted by them, further compounded the issue. vli needed a robust security solution that could secure their entire legacy, current, and future code, and be fully interoperable with other layers of security architecture.

TechSoup Global, a nonprofit organization based in San Francisco, California, provides other nonprofits with technology resources and support. Their product donation program, TechSoup Stock, allows nonprofits to access donated and discounted technology products, saving organizations over $1.4 billion in expenses as of June 2009. However, the organization faced a significant challenge in securing its web-based transaction processing infrastructure, which was a prime target for hackers due to the processing of donations through credit cards. After an unsuccessful breach attempt, TechSoup realized the need to go beyond traditional perimeter and desktop protection. The organization needed a comprehensive security solution that would effectively monitor and protect its applications from hackers, prevent the loss of sensitive data, and facilitate PCI compliance. The solution also needed to be easy to use and deploy, and require no changes to applications or the network.

Metro Bank, Britain’s first new High Street bank in over 100 years, was facing a significant challenge in improving employee productivity by enabling off-network access to Office 365 and Yammer. Despite having AirWatch Mobile Device Management (MDM) in place, the bank felt that the move was too risky due to the vital importance of protecting bank and customer data. The bank wanted to limit off-network access to corporate devices already managed with their AirWatch MDM deployment, but there was no straightforward way to enforce this policy with their existing tools. The bank's goal was to provide full access to Office 365 for corporate owned device users, on or off network, and to extend access to Yammer to personal device users. In the second phase, specific colleagues were to be given off-site access to the more-sensitive information within Dynamics CRM.

Drupal.org, a community of over a million developers, designers, trainers, strategists, coordinators, editors, and sponsors, faced a significant challenge with spam. Spammers created bogus accounts to post junk content on Drupal.org's website, which has a highly coveted Google PageRank of 9. This spam was damaging to the Drupal brand and risked lowering its PageRank value. The spam was not automated but posted by actual people, making it harder to mitigate. The staff and community volunteers had to spend considerable time manually identifying and removing spam, with some spending up to half their workday on this task. Additionally, the spammer accounts skewed the community engagement metrics, making it hard to gauge the actual growth and engagement of the community. The spam also took up unnecessary space in the database and backups.

PSCU, a credit union service organization, was facing a significant challenge in protecting its sensitive data from advanced targeted attacks. These attacks are multi-phased and designed to bypass the security perimeter, often targeting company employees as an entry point. PSCU had tokenization and encryption technology in place, but they understood that monitoring all access to sensitive information and responding to suspicious activity in real-time was crucial for enhancing their security posture. They needed a solution to monitor privileged users, who are often the prime target of advanced attacks, and locate unauthorized copies of databases. Additionally, PSCU wanted a dedicated malware detection solution to add to its layered defense strategy.

Partner Agent Inc., a leading innovator in the marriage services industry, was faced with the challenge of ensuring absolute security for its new B2B business initiatives. The company needed a security system that could be implemented with limited human resources, yet robust enough to safeguard web access and protect their extremely important customer information. The company was also looking for a reputable security vendor that could put their partners at ease. As the company expanded into B2B, it became imperative to have a Web Application Firewall (WAF) that offered absolute security. The company was entrusted with extremely personal details about its clients, making it crucial to have a reliable IT system as part of its business infrastructure. As the business underwent rapid expansion, the number of new features provided and their constant upgrading gave rise to new problems.

ALYN Woldenberg Family Hospital, Israel’s only pediatric rehabilitation facility, was facing a significant challenge in securing its website and customer database of over 70,000 patients. The hospital's IT team was particularly concerned about the security of their content management system (CMS), as they felt their existing cybersecurity vendor was not updating the security on their CMS frequently enough. This left them vulnerable to cyberattacks, a growing concern in the healthcare industry. The hospital also had to consider patient privacy and regulatory compliance in their search for a new cybersecurity solution. The cost-benefit ratio and the constraints of a small IT team meant they needed a managed system that was easy to integrate and required minimal upkeep. Initially hesitant to move to a cloud-based system due to strict government regulations, they were also concerned about the potential weak points in their special projects website, which was used for resource development and event coordination.

A leading global bank, operating in over 40 countries and serving over 38 million customers, was facing significant challenges in meeting key regulatory requirements such as the Monetary Authority of Singapore Technology Risk Management (MAS TRM), Reserve Bank of India (RBI) Guidelines, and Sarbanes-Oxley Act (SOX). The bank was using built-in auditing capabilities included with their databases to meet these requirements. However, these tools proved to be costly and unreliable, consuming 20% of their database processing power, requiring additional hardware and software purchases, and necessitating extra storage space for the massive volume of log data being collected. The bank also had to increase its IT headcount to manage the auditing system and run audit reports. The bank estimated that to make their in-house solution work effectively, it would cost them at least $100 million. Furthermore, the bank failed an audit due to their inability to produce consistent and repeatable audit reports that satisfied the different regulations.

The automotive retailer, operating hundreds of stores and websites, was facing a significant challenge with malicious bot traffic. Despite having multiple firewalls, appliances, and other mechanisms for blocking attacks, the company's nearly 100 web properties were frequently crashing due to bad bots attempting to scrape content. The bots were pulling an average of 8,000 pages per second for competitive data mining, causing the sites to crash frequently. The company was also struggling with managing blacklists and whitelists, which was proving to be an administrative nightmare. The situation was so severe that it was consuming the equivalent of one full-time employee (FTE). The company needed a solution that could intelligently block traffic, maintain the same service level from a performance standpoint, integrate seamlessly with their existing complex infrastructure, and work well with their existing monitoring tools.

A leading research university in the U.S. was seeking a robust security solution for their SharePoint system to protect it from both internal and external threats. The university, like many other higher education institutions, was focused on maintaining compliance with regulations such as FERPA, PCI, and HIPAA, and ensuring the security of their online presence. The Information Technology group at the university was responsible for securing the websites for the revenue-generating departments on campus. They used Microsoft SharePoint for their intranet portals and hosted public-facing websites for various services like student housing, campus parking, the university bookstore, dining programs, and more. These sites served as self-service commerce portals for its 30,000 undergraduate and graduate students, necessitating deeper security assurance and greater visibility into the SharePoint environment. The university wanted to better understand the SharePoint security posture of both its external and internal deployments. They found that native SharePoint lacked the necessary security capabilities to protect a web-facing deployment that housed sensitive data like financial information, personal health information (PHI), and personally identifiable information (PII).

AARP, an organization dedicated to improving the quality of life for people over 50, offers a range of products, services, and resources to its millions of members. Many of these services involve the use of personally identifiable information (PII), necessitating a robust security-in-depth cyber defense program to protect the data of AARP members, volunteers, and employees. AARP was in search of a runtime application self-protection (RASP) solution that could safeguard its Amazon Web Services (AWS)-hosted applications from attacks in its production environments. The organization had identified 31 Java applications for initial RASP implementation, but also needed a solution that could accommodate potential future transitions to a microservices-based architecture. Additionally, AARP required a RASP solution that would complement its existing security program, which includes vulnerability management, incident detection and response, and network defense.

Covelli Enterprises, the largest franchisee of Panera Breads and O’Charley’s restaurants, was facing a significant challenge with its web security. Despite maintaining a low online profile, the company's web servers were consistently targeted by IP addresses from foreign countries. These servers housed sensitive data, including web-based email accounts, company reports, and business intelligence. The potential exploitation of these servers could lead to consumers being lured with malicious web advertising. Covelli's initial solution, an IPS system, proved insufficient as there were numerous ways to bypass it. The company needed a more robust solution to block attacks from known malicious users, monitor web application traffic, block web page and malware injection, and prevent unauthorized access to specific web servers.

A leading online education services provider in the United States faced a significant challenge in protecting the Personally Identifiable Information (PII) of its students in non-production environments. These environments included application development, testing, and training, which required the use of student data. The challenge was to find a solution that could securely de-identify student information before sharing it for these purposes. The need for such a solution was driven not only by the priority of ensuring the security of student information but also by the need to comply with the Family Educational Rights and Protection Act (FERPA). The client was also under pressure to maintain the integrity of its brand and uphold a track record of secure student data. The ideal solution needed to be time and resource-efficient, support the complexity of their underlying data, and mask it intelligently so that the end result looks and acts like the original data. The client also sought a vendor with a strong consulting practice to leverage data masking experts and accelerate the project.

Banco Popular Dominicano (BPD), a leading privately owned bank in the Dominican Republic, was facing challenges with its complex database environments. The databases were on separate servers, shared and consolidated due to the high cost of infrastructure. The existing solution was not meeting the bank's needs as it required too much time and resources to operate, and lacked the capacity to scale to meet the high demands of the production environment. The bank needed a solution that would not negatively affect any production process and could run without the need for additional equipment and personnel.

Intuition Systems, a high-volume electronic payment processor, was faced with the challenge of meeting the new PCI requirement for Web Application protection. As a Level 1 Payment Card Industry Service Provider, they had the option to either install application layer firewall technology or go through a secure code vulnerability assessment process for each of their custom applications. At the time, six of their custom applications processed credit cards and were subject to PCI. They expected this number to grow to 10 or more within the year. The process of obtaining a code vulnerability assessment of each custom application would be time-consuming and expensive, and would restrain their ability to add applications and scale their business. Therefore, they decided that the secure code assessment option did not fit their business model. They needed a solution that was scalable, easy to implement and manage, and would not impact their applications and IT infrastructure.

Pelephone Communications Ltd., a leading communications company in Israel, was facing a significant challenge in managing and securing its vast amount of customer and financial data. The company's Chief Security Officer, Yoni Elias, was keen on ensuring that all sensitive data was accessible only on a business need-to-know basis. To enhance Pelephone’s security posture and meet compliance requirements, the company needed granular visibility into file and folder permissions, easy and automated data ownership identification, scheduled and on-demand access audit reports, and real-time policies to alert on data usage that violated standard corporate practices. However, their existing data governance system, particularly the reporting and alerting capabilities, had significant drawbacks that were driving operational costs higher.

The client, a global aerospace and defense organization, faced a significant challenge in enhancing the privacy and security of its database testing to safeguard all copies of live data within the organization. As one of the largest U.S. exporters, the company needed to maintain reliable data controls to protect its reputation and the interests of its customers, vendors, and employees. The client's goal was to find a data masking solution that would improve security without compromising the efficiency of database projects that included software development, integration testing, and offshoring. The challenge for Imperva was to ensure that the database copies were realistic for accurate testing and development, and to achieve secure and realistic data masking across multiple and varying data stores and complex applications.

NTT TechnoCross, a subsidiary of Nippon Telegraph and Telephone (NTT), is a company that offers advanced IT services and technology to its customers. The company's website serves as the central source of information, delivering the brand directly to customers and helping build customer loyalty. Any interruption in the operation of the website has a large impact, with the potential of a loss of trust that extends beyond the company to the NTT Group as a whole. As a company that builds its branding on security technology, it is imperative that NTT TechnoCross protects itself against cyberattacks as any damage would bear a significant loss in its brand value. When the time came for the company to renew its website, selecting a solution to protect the site was crucial for the company. The company was already facing growing demand for cloud computing in business at the time. With technical support for customers’ cloud computing and security as one of its core offerings, NTT TechnoCross considered using cloud-based services for its own renewed site. At the same time, it made the decision to switch from in-house operations to the use of services in security as well.

A Fortune 500 IT services and business software company, with over 20,000 employees, provides data center hosting services for its own financial applications and for third-party web applications. Many of these applications are internet-facing and regulated by the Sarbanes-Oxley and Gramm-Leach-Bliley Acts, requiring the company to protect sensitive data. The company faced challenges in maintaining security due to the dynamic and highly-customized nature of its applications. Continual scanning of applications after every change was burdensome and required significant coordination between application developers and security engineers. The company needed a solution that would not impact release schedules, provide instant vulnerability remediation, and integrate seamlessly into their virtualized environment.

DigiCert, a provider of scalable TLS/SSL and PKI solutions, was already using Imperva’s SaaS Web Application Firewall (WAF) to protect their on-premises applications when they began migrating some of their workloads to Amazon Web Services (AWS). However, they were using another vendor for DDoS mitigation on AWS, which they found unsatisfactory due to excessive scrubbing of traffic and blocking of legitimate traffic. As DigiCert's usage of AWS grew, they realized the need for a new security solution that could manage risk, monitor all traffic, rapidly identify threats, and only allow valid traffic to access their applications. They wanted a solution from a single provider that could deliver both WAF protection and DDoS mitigation across their entire hybrid environment. The solution also needed to lower false positives, assure rapid response to minimize potential business interruption, and automate as much of the security process as possible due to time and resource constraints.

Discovery, Inc., a global leader in non-fiction entertainment, faced a significant challenge in managing large amounts of digital customer and company data due to its popularity. The data was subject to compliance regulations and regular audits, and the company needed clearer visibility into their data estate. The challenge was compounded by several factors, including a merger and personnel changes in 2018, which left much of the older data inaccessible to new toolsets. Initially, Discovery, Inc. used Imperva’s SecureSphere to pinpoint certain schemas and security controls they needed to address, and to then adopt those security controls as required. However, as the company expanded into a more cloud-native infrastructure, they needed to extend their compliance requirements coverage to both on-premises and cloud-native technologies.

The Tokyo Institute of Technology, Japan’s leading science and technology university, was facing significant security threats to the content of nearly 400 websites operated by its on-campus hosting service. The university's Global Scientific Information and Computing Center (GSIC) department, responsible for managing and maintaining the institute’s IT environments, was under constant attack. With limited security professional resources within the department, the university was in dire need of a robust, easy-to-deploy solution that could effectively protect their web content. The challenge was further compounded by the extensive incident response workload of the security management team and the limited human resources of the security operation team.

Scoot Airlines, a low-cost arm of the Singapore Airlines Group, was facing a significant challenge with bad bots abusing their booking engine. Unauthorized OTAs, competitors, and meta search sites were using sophisticated web scraping bots to exploit the business logic of Scoot’s booking engine. This led to skewed look-to-book ratios and site slowdowns. The bot traffic was also depriving legitimate customers of the opportunity to book air travel on Scoot’s website. Furthermore, Scoot was dealing with a high volume of traffic due to novice software development practices at its travel partners. The bot traffic was causing slowdowns across passenger-facing systems, including flight check-ins, which could trigger delays in departure times. The bot incidents were also impacting staff resources across multiple departments.

The Israel Ministry of Finance e-Government Initiative, also known as the Tehila project, was faced with the challenge of protecting sensitive applications and data from cyber-terror attacks while ensuring 24/7 access for visitors. The project was responsible for providing all government ministries and institutions with secure Internet services. The primary motive was to prevent cyber-terror attacks on sensitive applications and data. Tehila hosts and secures dozens of government web applications and needed to build a secure platform for these applications and data to appear on the Internet. Before Tehila, the sites were hosted by private ISPs at a very low security level and some were breached. The solution needed to be easy to deploy, not burden the staff with excessive maintenance, and provide reporting with a view into what was happening in their applications.

PayFlex, a third-party administrator that works directly with employers to administer their benefit spending accounts, COBRA and Transit programs, faced a significant security challenge. The company provides consumers with a specialized debit card for medical transactions, which necessitates the storage of debit card numbers and claim data. This convenience, however, is balanced by potential security and regulatory considerations. PayFlex has a responsibility to uphold the highest security standards to protect its customers and their employees. Regulatory compliance is a major consideration for PayFlex, as it must contend with PCI and HIPAA standards. PCI mandates basic network security controls to protect cardholder data, and HIPAA standards require that enterprises prevent health information from being leaked. The liability for a breach is expensive, reaching up to $1.5 million since the implementation of the HITECH Act.