Imperva Case Studies Betfred & Imperva: A Case Study on Preventing Account Takeover and Reducing Infrastructure Usage

Edit This Case Study Record

	Betfred & Imperva: A Case Study on Preventing Account Takeover and Reducing Infrastructure Usage Imperva

Betfred & Imperva: A Case Study on Preventing Account Takeover and Reducing Infrastructure Usage

Imperva

Technology Category	Application Infrastructure & Middleware - Event-Driven Application Sensors - Haptic Sensors
Applicable Industries	Cement National Security & Defense
Applicable Functions	Maintenance
Use Cases	Inventory Management Time Sensitive Networking
Services	Cybersecurity Services System Integration
Challenge	Betfred, the 4th largest bookmaker in the UK, was facing a significant proportion of bad bot traffic on its domains, with the volume of bad bots reaching as high as 87% of all web traffic. This was causing a strain on the IT team and wasting bandwidth and infrastructure resources. The company was also dealing with a high frequency of account takeover attacks, with up to 30 brute force credential stuffing attacks on login pages in a month. The backend systems were constantly busy, and the CPU utilization of their IPS/IDS was around 40% dealing with normal traffic. The company also faced issues with inconsistent mitigation strategies, stretched thin team resources, aggressive unauthorized scraping of betting odds, and vulnerability scans looking for weaknesses. The bot problem was one that Betfred tried to tackle internally, using other tools like their DDoS, WAF and IPS/IDS. But soon realized those tools were not built to deal with sophisticated bot operators who could easily circumvent traditional security solutions. Read More
About Customer	Betfred is the 4th largest bookmaker in the UK with over 10,000 employees. The company is headquartered in Warrington, England, and operates over 1,650 bookmaking shops with another 51 shops located on racecourses throughout the UK. Betfred also runs one of the fastest-growing digital gaming platforms through Betfred.com and numerous other domains and mobile applications. The company was facing significant challenges with bad bot traffic, account takeover attacks, and infrastructure strain, which were causing a drain on resources and impacting revenue. Read More
Solution	Betfred decided to deploy Imperva Bot Management to dynamically block attacks and remove the analysis and manual efforts from their team. The integration with Imperva was seamless and was completed within a week. Once Imperva Bot Management was put into CAPTCHA mode, Betfred saw a significant reduction in traffic, halving the requests to their website within four weeks. The constant credential stuffing attacks were also dramatically reduced. While these attacks still occur, their impact is minimal. The backend systems saw a lot of improvements and the CPU utilization dropped to around 3-4%. Imperva Bot Management also helped prevent downtime during peak events like the annual Grand National horse race in the UK. Unauthorized scraping of real-time betting odds was eliminated and the company was able to identify and stop unauthorized users. The service from the Analyst team at Imperva has been excellent, providing constant support and maintaining a high level of service even after 12 months of implementation. Read More Log in to view content
Contents

Technology Category

Application Infrastructure & Middleware - Event-Driven Application

Sensors - Haptic Sensors

Applicable Industries

Cement

National Security & Defense

Applicable Functions

Maintenance

Use Cases

Inventory Management

Time Sensitive Networking

Services

Cybersecurity Services

System Integration

Challenge

Betfred, the 4th largest bookmaker in the UK, was facing a significant proportion of bad bot traffic on its domains, with the volume of bad bots reaching as high as 87% of all web traffic. This was causing a strain on the IT team and wasting bandwidth and infrastructure resources. The company was also dealing with a high frequency of account takeover attacks, with up to 30 brute force credential stuffing attacks on login pages in a month. The backend systems were constantly busy, and the CPU utilization of their IPS/IDS was around 40% dealing with normal traffic. The company also faced issues with inconsistent mitigation strategies, stretched thin team resources, aggressive unauthorized scraping of betting odds, and vulnerability scans looking for weaknesses. The bot problem was one that Betfred tried to tackle internally, using other tools like their DDoS, WAF and IPS/IDS. But soon realized those tools were not built to deal with sophisticated bot operators who could easily circumvent traditional security solutions.

About Customer

Betfred is the 4th largest bookmaker in the UK with over 10,000 employees. The company is headquartered in Warrington, England, and operates over 1,650 bookmaking shops with another 51 shops located on racecourses throughout the UK. Betfred also runs one of the fastest-growing digital gaming platforms through Betfred.com and numerous other domains and mobile applications. The company was facing significant challenges with bad bot traffic, account takeover attacks, and infrastructure strain, which were causing a drain on resources and impacting revenue.

Solution

Betfred decided to deploy Imperva Bot Management to dynamically block attacks and remove the analysis and manual efforts from their team. The integration with Imperva was seamless and was completed within a week. Once Imperva Bot Management was put into CAPTCHA mode, Betfred saw a significant reduction in traffic, halving the requests to their website within four weeks. The constant credential stuffing attacks were also dramatically reduced. While these attacks still occur, their impact is minimal. The backend systems saw a lot of improvements and the CPU utilization dropped to around 3-4%. Imperva Bot Management also helped prevent downtime during peak events like the annual Grand National horse race in the UK. Unauthorized scraping of real-time betting odds was eliminated and the company was able to identify and stop unauthorized users. The service from the Analyst team at Imperva has been excellent, providing constant support and maintaining a high level of service even after 12 months of implementation.

Impact #1	The implementation of Imperva Bot Management has brought significant operational benefits to Betfred. The IT Security team, which was previously stretched thin dealing with bot attacks, has been able to focus on other projects. The constant disruptions and emergencies related to bot attacks have been reduced, providing the team with more peace of mind. The company has also been able to stop unauthorized scraping of betting odds, protecting its data and maintaining a fair playing field in the market. The service from the Analyst team at Imperva has been excellent, providing constant support and maintaining a high level of service even after 12 months of implementation. The company now views Imperva Bot Management as a key web security product and has been able to focus on other areas, knowing that their bot issues are being effectively managed.

Impact #1

The implementation of Imperva Bot Management has brought significant operational benefits to Betfred. The IT Security team, which was previously stretched thin dealing with bot attacks, has been able to focus on other projects. The constant disruptions and emergencies related to bot attacks have been reduced, providing the team with more peace of mind. The company has also been able to stop unauthorized scraping of betting odds, protecting its data and maintaining a fair playing field in the market. The service from the Analyst team at Imperva has been excellent, providing constant support and maintaining a high level of service even after 12 months of implementation. The company now views Imperva Bot Management as a key web security product and has been able to focus on other areas, knowing that their bot issues are being effectively managed.

Benefit #1	50% decrease in page requests
Benefit #2	Significant reduction in brute force credential stuffing attacks from 30 per month to just two instances since the implementation of Imperva
Benefit #3	CPU utilization of backend systems dropped from 40% to around 3-4%

Benefit #1

50% decrease in page requests

Benefit #2

Significant reduction in brute force credential stuffing attacks from 30 per month to just two instances since the implementation of Imperva

Benefit #3

CPU utilization of backend systems dropped from 40% to around 3-4%

Download PDF Version

Overview

Betfred & Imperva: A Case Study on Preventing Account Takeover and Reducing Infrastructure Usage

Operational Impact

Quantitative Benefit