Fastly Case Studies Finn AI's Implementation of Fastly's Next-Gen WAF for Enhanced API Security

	Finn AI's Implementation of Fastly's Next-Gen WAF for Enhanced API Security Fastly

Finn AI's Implementation of Fastly's Next-Gen WAF for Enhanced API Security

Fastly

Technology Category	Analytics & Modeling - Natural Language Processing (NLP) Application Infrastructure & Middleware - Middleware, SDKs & Libraries
Applicable Industries	Equipment & Machinery National Security & Defense
Applicable Functions	Quality Assurance
Use Cases	Supply Chain Visibility Tamper Detection
Services	System Integration Testing & Certification
Challenge	Finn AI, a provider of AI-powered virtual assistance for banks and credit unions, faced a significant challenge in securing their business-critical APIs. The company, which uses natural language processing technology (NLP) to enable conversational AI technology for financial institutions, needed a solution that would provide visibility into API discovery attempts by malicious threat actors and the ability to stop unusual activity against these APIs. Despite having a relatively small attack surface due to the absence of a client-side frontend, Finn AI's APIs still required effective protection. The company sought a solution that would install easily, scale effectively, be light on resources, and provide protection against OWASP Top 10 and zero-day exploit attempts. Read More
About Customer	Finn AI is a technology company that provides AI-powered virtual assistance for banks and credit unions, aiming to enhance their digital customer experience. The company uses natural language processing technology to enable conversational AI technology for financial institutions, allowing bank customers to manage personal finances through simple voice or text-based interactions. In 2022, Finn AI was acquired by Glia, a leading provider of Digital Customer Service. Finn AI operates as middleware, working between the commercial frontends and SDKs of a bank’s apps, including mobile apps. Read More
Solution	Finn AI, which operates as middleware between the commercial frontends and SDKs of a bank’s apps, chose Fastly to run alongside its core Node.js for effective inspection of API requests. As Finn AI operates within Amazon Web Services, it was crucial to find a solution with a cloud-native focus. Fastly’s Next-Gen WAF was selected for its machine learning-based approach to protection against zero-day attacks. The solution provides visibility across the attack surface and a proactive defense. It also allows Finn AI to maximize IT staff utilization while building security resilience. The Next-Gen WAF provides feedback on persistent attack attempts, making it easy to use and improving Finn AI's security posture across their IT stack. Additionally, actionable alert feedback via alerts sent to various DevOps tools like Slack and Jira allows Finn AI to better analyze the attack surface. Read More Log in to view content
Contents

Technology Category

Analytics & Modeling - Natural Language Processing (NLP)

Application Infrastructure & Middleware - Middleware, SDKs & Libraries

Applicable Industries

Equipment & Machinery

National Security & Defense

Applicable Functions

Quality Assurance

Use Cases

Supply Chain Visibility

Tamper Detection

Services

System Integration

Testing & Certification

Challenge

Finn AI, a provider of AI-powered virtual assistance for banks and credit unions, faced a significant challenge in securing their business-critical APIs. The company, which uses natural language processing technology (NLP) to enable conversational AI technology for financial institutions, needed a solution that would provide visibility into API discovery attempts by malicious threat actors and the ability to stop unusual activity against these APIs. Despite having a relatively small attack surface due to the absence of a client-side frontend, Finn AI's APIs still required effective protection. The company sought a solution that would install easily, scale effectively, be light on resources, and provide protection against OWASP Top 10 and zero-day exploit attempts.

About Customer

Finn AI is a technology company that provides AI-powered virtual assistance for banks and credit unions, aiming to enhance their digital customer experience. The company uses natural language processing technology to enable conversational AI technology for financial institutions, allowing bank customers to manage personal finances through simple voice or text-based interactions. In 2022, Finn AI was acquired by Glia, a leading provider of Digital Customer Service. Finn AI operates as middleware, working between the commercial frontends and SDKs of a bank’s apps, including mobile apps.

Solution

Finn AI, which operates as middleware between the commercial frontends and SDKs of a bank’s apps, chose Fastly to run alongside its core Node.js for effective inspection of API requests. As Finn AI operates within Amazon Web Services, it was crucial to find a solution with a cloud-native focus. Fastly’s Next-Gen WAF was selected for its machine learning-based approach to protection against zero-day attacks. The solution provides visibility across the attack surface and a proactive defense. It also allows Finn AI to maximize IT staff utilization while building security resilience. The Next-Gen WAF provides feedback on persistent attack attempts, making it easy to use and improving Finn AI's security posture across their IT stack. Additionally, actionable alert feedback via alerts sent to various DevOps tools like Slack and Jira allows Finn AI to better analyze the attack surface.

Impact #1	The implementation of Fastly’s Next-Gen WAF has brought several operational benefits to Finn AI. The solution has provided visibility across the attack surface and a proactive defense, enabling Finn AI to uncover the types of attacks malicious actors attempt to use against their APIs. This was particularly useful during SOCII compliance penetration testing, where the Finn AI team could detect that testers were using endpoint scanners. The solution has also helped Finn AI maximize IT staff utilization while building security resilience. The feedback loops via alerts sent to various DevOps tools have allowed Finn AI to better analyze the attack surface and discover new traffic anomalies for examination. The reporting and dashboards have been key in providing proof to their Board of Directors that they’ve taken steps to detect and stop automated attacks.

Impact #1

The implementation of Fastly’s Next-Gen WAF has brought several operational benefits to Finn AI. The solution has provided visibility across the attack surface and a proactive defense, enabling Finn AI to uncover the types of attacks malicious actors attempt to use against their APIs. This was particularly useful during SOCII compliance penetration testing, where the Finn AI team could detect that testers were using endpoint scanners. The solution has also helped Finn AI maximize IT staff utilization while building security resilience. The feedback loops via alerts sent to various DevOps tools have allowed Finn AI to better analyze the attack surface and discover new traffic anomalies for examination. The reporting and dashboards have been key in providing proof to their Board of Directors that they’ve taken steps to detect and stop automated attacks.

Download PDF Version

Overview

Finn AI's Implementation of Fastly's Next-Gen WAF for Enhanced API Security

Operational Impact