Fastly Case Studies Autoscaling Production Application Security in Betterment’s CI/CD Pipeline

	Autoscaling Production Application Security in Betterment’s CI/CD Pipeline Fastly

Autoscaling Production Application Security in Betterment’s CI/CD Pipeline

Fastly

Technology Category	Application Infrastructure & Middleware - Event-Driven Application Cybersecurity & Privacy - Application Security
Applicable Industries	National Security & Defense Oil & Gas
Use Cases	Supply Chain Visibility Tamper Detection
Services	System Integration
Challenge	Betterment, an online financial advisor with over $14 billion in assets under management and a user base of over 380,000 customers, needed a solution to protect customer PII and financial assets. The company required a solution that could automatically scale and block attacks without impacting performance or requiring ongoing signature tuning. The company's Engineering and Security teams were particularly concerned about the signal-to-noise ratio based on their previous experience with legacy WAFs. It was crucial for them to find a WAF that could scale automatically and accurately block attacks without increasing support call volume or creating additional work for the Engineering or Security teams. Read More
About Customer	Betterment is an online financial advisor with more than $14 billion in assets under management. The company supports a user base of over 380,000 customers who access its online platform. To cater to this large user base, the company spins up numerous web servers daily through its continuous integration and deployment (CI/CD) pipeline. The company's Engineering and Security teams were previously concerned about the signal-to-noise ratio in their legacy WAFs and needed a solution that could scale automatically and accurately block attacks without increasing support call volume or creating additional work. Read More
Solution	Betterment adopted Signal Sciences to reduce the workload of its Security team by automating deployment and updates, and providing quick access to informed insights without compromising performance. To provision Signal Sciences, Betterment’s Operations team wrote a simple Ansible playbook. This ensured that any new application instance would automatically have Signal Sciences modules and agents installed as a part of its CI/CD pipeline. Signal Sciences provided robust security coverage that could block malicious requests without impacting the performance and availability of the application. The solution also offered easy-to-use dashboards that provided visibility, surfacing any detected vulnerabilities and reporting them to the respective team for timely remediation. Betterment also used Power Rules to prevent attacks against their unique application logic and keep financial data safe. Read More Log in to view content
Contents

Technology Category

Application Infrastructure & Middleware - Event-Driven Application

Cybersecurity & Privacy - Application Security

Applicable Industries

National Security & Defense

Oil & Gas

Use Cases

Supply Chain Visibility

Tamper Detection

Services

System Integration

Challenge

Betterment, an online financial advisor with over $14 billion in assets under management and a user base of over 380,000 customers, needed a solution to protect customer PII and financial assets. The company required a solution that could automatically scale and block attacks without impacting performance or requiring ongoing signature tuning. The company's Engineering and Security teams were particularly concerned about the signal-to-noise ratio based on their previous experience with legacy WAFs. It was crucial for them to find a WAF that could scale automatically and accurately block attacks without increasing support call volume or creating additional work for the Engineering or Security teams.

About Customer

Betterment is an online financial advisor with more than $14 billion in assets under management. The company supports a user base of over 380,000 customers who access its online platform. To cater to this large user base, the company spins up numerous web servers daily through its continuous integration and deployment (CI/CD) pipeline. The company's Engineering and Security teams were previously concerned about the signal-to-noise ratio in their legacy WAFs and needed a solution that could scale automatically and accurately block attacks without increasing support call volume or creating additional work.

Solution

Betterment adopted Signal Sciences to reduce the workload of its Security team by automating deployment and updates, and providing quick access to informed insights without compromising performance. To provision Signal Sciences, Betterment’s Operations team wrote a simple Ansible playbook. This ensured that any new application instance would automatically have Signal Sciences modules and agents installed as a part of its CI/CD pipeline. Signal Sciences provided robust security coverage that could block malicious requests without impacting the performance and availability of the application. The solution also offered easy-to-use dashboards that provided visibility, surfacing any detected vulnerabilities and reporting them to the respective team for timely remediation. Betterment also used Power Rules to prevent attacks against their unique application logic and keep financial data safe.

Impact #1	The implementation of Signal Sciences has resulted in a significant reduction in the workload of Betterment's Security team. The automation of deployment and updates has streamlined processes, while the quick access to informed insights has improved decision-making without compromising performance. The robust security coverage provided by Signal Sciences has enhanced the company's ability to block malicious requests, thereby improving the security of customer data. The easy-to-use dashboards have improved visibility into vulnerabilities, enabling the respective teams to remediate them in a timely manner. The use of Power Rules has further enhanced security by preventing attacks against the company's unique application logic.

Impact #1

The implementation of Signal Sciences has resulted in a significant reduction in the workload of Betterment's Security team. The automation of deployment and updates has streamlined processes, while the quick access to informed insights has improved decision-making without compromising performance. The robust security coverage provided by Signal Sciences has enhanced the company's ability to block malicious requests, thereby improving the security of customer data. The easy-to-use dashboards have improved visibility into vulnerabilities, enabling the respective teams to remediate them in a timely manner. The use of Power Rules has further enhanced security by preventing attacks against the company's unique application logic.

Benefit #1	Reduced workload for the Security team by automating deployment and updates
Benefit #2	Quick access to informed insights without compromising performance
Benefit #3	Robust security coverage that can block malicious requests without impacting application performance and availability

Benefit #1

Reduced workload for the Security team by automating deployment and updates

Benefit #2

Quick access to informed insights without compromising performance

Benefit #3

Robust security coverage that can block malicious requests without impacting application performance and availability

Download PDF Version

Overview

Autoscaling Production Application Security in Betterment’s CI/CD Pipeline

Operational Impact

Quantitative Benefit