Fastly Case Studies Enhancing Web Application Security and Uptime with Fastly's Next-Gen WAF: A Case Study on amazee.io

	Enhancing Web Application Security and Uptime with Fastly's Next-Gen WAF: A Case Study on amazee.io Fastly

Enhancing Web Application Security and Uptime with Fastly's Next-Gen WAF: A Case Study on amazee.io

Fastly

Technology Category	Cybersecurity & Privacy - Application Security Platform as a Service (PaaS) - Application Development Platforms
Applicable Industries	Cement Construction & Infrastructure
Applicable Functions	Maintenance Quality Assurance
Use Cases	Construction Management Tamper Detection
Services	Testing & Certification
Challenge	amazee.io, an open-source application delivery solution provider, was facing challenges in maintaining the seamless operation of its ZeroOps platform. The company's customer base was expanding, and with it, the need for more robust security measures and certificate management. High-profile customers were using the Lagoon platform for business-critical applications, which necessitated stringent security demands. The company was also dealing with issues of false positives and alert fatigue, which were frequent irritants. Traditional Web Application Firewalls (WAFs) were proving to be inadequate, often blocking legitimate traffic or requiring constant tuning and re-tuning. Furthermore, one of amazee.io's major customers had an active bug bounty, which led to constant scanning of the site and required a significant upscaling of the customer's database cluster to handle the load. Read More
About Customer	amazee.io is an open-source application delivery solution provider that offers an infrastructure-independent, ZeroOps platform designed for Kubernetes-based cloud environments. The company hosts websites for major brands and government agencies on its Lagoon platform, guaranteeing up to 99.99% uptime. amazee.io's customers rely on the ZeroOps platform to work seamlessly, keeping infrastructure out of sight and out of mind. The company's customer base is diverse, with some prioritizing compliance, especially government agencies, while others are more concerned about downtime and the associated reputational risk and loss of revenue. Read More
Solution	amazee.io turned to Fastly's Next-Gen WAF and CDN to address these challenges. The Next-Gen WAF was a natural progression for the ZeroOps platform, offering a groundbreaking approach to web application security. Unlike traditional WAFs, Fastly's Next-Gen WAF uses SmartParse technology to take a contextual approach to traffic signals, allowing for more accurate blocking of bad behavior while allowing legitimate traffic. This solution was particularly beneficial for amazee.io, given the transient nature of IPs. The implementation of Fastly's Next-Gen WAF resulted in up to 80 percent of traffic being blocked before reaching the application, significantly reducing infrastructure costs. Additionally, Fastly's CDN and Next-Gen WAF enabled amazee.io to offer its clients 99.99% uptime, a critical selling point for the platform. Fastly's self-service tools also provided amazee.io with the flexibility to make changes to its infrastructure without requiring professional services involvement, enhancing agility and customer service. Read More Log in to view content
Contents

Technology Category

Cybersecurity & Privacy - Application Security

Platform as a Service (PaaS) - Application Development Platforms

Applicable Industries

Cement

Construction & Infrastructure

Applicable Functions

Maintenance

Quality Assurance

Use Cases

Construction Management

Tamper Detection

Services

Testing & Certification

Challenge

amazee.io, an open-source application delivery solution provider, was facing challenges in maintaining the seamless operation of its ZeroOps platform. The company's customer base was expanding, and with it, the need for more robust security measures and certificate management. High-profile customers were using the Lagoon platform for business-critical applications, which necessitated stringent security demands. The company was also dealing with issues of false positives and alert fatigue, which were frequent irritants. Traditional Web Application Firewalls (WAFs) were proving to be inadequate, often blocking legitimate traffic or requiring constant tuning and re-tuning. Furthermore, one of amazee.io's major customers had an active bug bounty, which led to constant scanning of the site and required a significant upscaling of the customer's database cluster to handle the load.

About Customer

amazee.io is an open-source application delivery solution provider that offers an infrastructure-independent, ZeroOps platform designed for Kubernetes-based cloud environments. The company hosts websites for major brands and government agencies on its Lagoon platform, guaranteeing up to 99.99% uptime. amazee.io's customers rely on the ZeroOps platform to work seamlessly, keeping infrastructure out of sight and out of mind. The company's customer base is diverse, with some prioritizing compliance, especially government agencies, while others are more concerned about downtime and the associated reputational risk and loss of revenue.

Solution

amazee.io turned to Fastly's Next-Gen WAF and CDN to address these challenges. The Next-Gen WAF was a natural progression for the ZeroOps platform, offering a groundbreaking approach to web application security. Unlike traditional WAFs, Fastly's Next-Gen WAF uses SmartParse technology to take a contextual approach to traffic signals, allowing for more accurate blocking of bad behavior while allowing legitimate traffic. This solution was particularly beneficial for amazee.io, given the transient nature of IPs. The implementation of Fastly's Next-Gen WAF resulted in up to 80 percent of traffic being blocked before reaching the application, significantly reducing infrastructure costs. Additionally, Fastly's CDN and Next-Gen WAF enabled amazee.io to offer its clients 99.99% uptime, a critical selling point for the platform. Fastly's self-service tools also provided amazee.io with the flexibility to make changes to its infrastructure without requiring professional services involvement, enhancing agility and customer service.

Impact #1	The implementation of Fastly's Next-Gen WAF and CDN has significantly improved the operational efficiency and security of amazee.io's platform. The solution has minimized false positives without constant tuning, reducing alert fatigue and improving the overall user experience. The contextual approach to traffic signals has also improved the accuracy of blocking bad behavior, reducing the risk of blocking legitimate traffic. This is particularly important for amazee.io, given the transient nature of IPs and the fact that it supports government websites. The use of Fastly's self-service tools has also enhanced the company's agility, enabling it to solve problems specific to its needs without using time and resources getting a professional services team involved. This has resulted in solutions that are more tailored to their customers’ needs. Furthermore, Fastly's Enterprise Support has provided amazee.io with quick and expert responses when needed, enhancing the company's confidence in the solution and its ability to pass that confidence on to its customers.

Impact #1

The implementation of Fastly's Next-Gen WAF and CDN has significantly improved the operational efficiency and security of amazee.io's platform. The solution has minimized false positives without constant tuning, reducing alert fatigue and improving the overall user experience. The contextual approach to traffic signals has also improved the accuracy of blocking bad behavior, reducing the risk of blocking legitimate traffic. This is particularly important for amazee.io, given the transient nature of IPs and the fact that it supports government websites. The use of Fastly's self-service tools has also enhanced the company's agility, enabling it to solve problems specific to its needs without using time and resources getting a professional services team involved. This has resulted in solutions that are more tailored to their customers’ needs. Furthermore, Fastly's Enterprise Support has provided amazee.io with quick and expert responses when needed, enhancing the company's confidence in the solution and its ability to pass that confidence on to its customers.

Benefit #1	Up to 80 percent of traffic is blocked before reaching the application, reducing infrastructure costs.
Benefit #2	Fastly's Next-Gen WAF and CDN enable amazee.io to offer its clients 99.99% uptime, equating to less than 5 minutes of unscheduled downtime per month.
Benefit #3	Fastly's self-service tools allow amazee.io to make changes to its infrastructure without requiring professional services involvement, saving time and resources.

Benefit #1

Up to 80 percent of traffic is blocked before reaching the application, reducing infrastructure costs.

Benefit #2

Fastly's Next-Gen WAF and CDN enable amazee.io to offer its clients 99.99% uptime, equating to less than 5 minutes of unscheduled downtime per month.

Benefit #3

Fastly's self-service tools allow amazee.io to make changes to its infrastructure without requiring professional services involvement, saving time and resources.

Download PDF Version

Overview

Enhancing Web Application Security and Uptime with Fastly's Next-Gen WAF: A Case Study on amazee.io

Operational Impact

Quantitative Benefit