Imperva Case Studies Imperva's RASP Solution Enhances AARP's Cyber Defense Program

Edit This Case Study Record

	Imperva's RASP Solution Enhances AARP's Cyber Defense Program Imperva

Imperva's RASP Solution Enhances AARP's Cyber Defense Program

Imperva

Technology Category	Application Infrastructure & Middleware - Event-Driven Application Cybersecurity & Privacy - Application Security
Applicable Industries	Buildings National Security & Defense
Applicable Functions	Product Research & Development Quality Assurance
Use Cases	Tamper Detection Time Sensitive Networking
Services	Cybersecurity Services Testing & Certification
Challenge	AARP, an organization dedicated to improving the quality of life for people over 50, offers a range of products, services, and resources to its millions of members. Many of these services involve the use of personally identifiable information (PII), necessitating a robust security-in-depth cyber defense program to protect the data of AARP members, volunteers, and employees. AARP was in search of a runtime application self-protection (RASP) solution that could safeguard its Amazon Web Services (AWS)-hosted applications from attacks in its production environments. The organization had identified 31 Java applications for initial RASP implementation, but also needed a solution that could accommodate potential future transitions to a microservices-based architecture. Additionally, AARP required a RASP solution that would complement its existing security program, which includes vulnerability management, incident detection and response, and network defense. Read More
About Customer	AARP is an organization founded in 1958 with the mission to enhance the quality of life for people aged 50 and above. The organization offers a wide range of products, services, and resources to its millions of members, empowering them to lead active, healthy, and secure lives as they age. Many of these services involve the use of personally identifiable information (PII), making data security a top priority for the organization. To protect the data of its members, volunteers, and employees, AARP has developed a mature security-in-depth cyber defense program. Read More
Solution	AARP approached Prevoty, now part of Imperva, for a RASP solution. Imperva's RASP was identified as the most mature and technologically superior solution based on analyst reports and customer feedback. The solution was evaluated based on scalability, permanent patching & visibility, and broad integration capabilities. Imperva's RASP technology was found to be nimble enough to accommodate major application architectural changes, working in any type of deployment architecture, including on-premises, cloud, containers, and microservices. It also complemented AARP's existing security stack, filling security gaps that left applications vulnerable to attack at runtime. The RASP technology integrated seamlessly with AARP's existing environments like AWS and automated workflows. After a successful proof-of-value process, AARP adopted RASP and integrated it into its existing application deployment process using an open-source application deployment automation platform. Read More Log in to view content
Contents

Technology Category

Application Infrastructure & Middleware - Event-Driven Application

Cybersecurity & Privacy - Application Security

Applicable Industries

Buildings

National Security & Defense

Applicable Functions

Product Research & Development

Quality Assurance

Use Cases

Tamper Detection

Time Sensitive Networking

Services

Cybersecurity Services

Testing & Certification

Challenge

AARP, an organization dedicated to improving the quality of life for people over 50, offers a range of products, services, and resources to its millions of members. Many of these services involve the use of personally identifiable information (PII), necessitating a robust security-in-depth cyber defense program to protect the data of AARP members, volunteers, and employees. AARP was in search of a runtime application self-protection (RASP) solution that could safeguard its Amazon Web Services (AWS)-hosted applications from attacks in its production environments. The organization had identified 31 Java applications for initial RASP implementation, but also needed a solution that could accommodate potential future transitions to a microservices-based architecture. Additionally, AARP required a RASP solution that would complement its existing security program, which includes vulnerability management, incident detection and response, and network defense.

About Customer

AARP is an organization founded in 1958 with the mission to enhance the quality of life for people aged 50 and above. The organization offers a wide range of products, services, and resources to its millions of members, empowering them to lead active, healthy, and secure lives as they age. Many of these services involve the use of personally identifiable information (PII), making data security a top priority for the organization. To protect the data of its members, volunteers, and employees, AARP has developed a mature security-in-depth cyber defense program.

Solution

AARP approached Prevoty, now part of Imperva, for a RASP solution. Imperva's RASP was identified as the most mature and technologically superior solution based on analyst reports and customer feedback. The solution was evaluated based on scalability, permanent patching & visibility, and broad integration capabilities. Imperva's RASP technology was found to be nimble enough to accommodate major application architectural changes, working in any type of deployment architecture, including on-premises, cloud, containers, and microservices. It also complemented AARP's existing security stack, filling security gaps that left applications vulnerable to attack at runtime. The RASP technology integrated seamlessly with AARP's existing environments like AWS and automated workflows. After a successful proof-of-value process, AARP adopted RASP and integrated it into its existing application deployment process using an open-source application deployment automation platform.

Impact #1	With the implementation of Imperva's RASP technology, AARP was able to push its AWS-hosted applications to production faster and at scale, with enhanced security. The most immediate impact of RASP was on AARP's vulnerability management service level agreements (SLAs). The immediate, permanent protection offered by RASP made AARP's backlog of vulnerabilities less critical, allowing development teams more time to fix vulnerabilities on their own schedule. This also freed up more time for the development of features that solve problems, deliver services to customers, and drive business. Additionally, RASP technology provided AARP with increased visibility into application attacks, events, and risks, feeding context-enriched perspectives from inside their applications into a SIEM to deliver better, smarter, actionable intelligence.

Impact #1

With the implementation of Imperva's RASP technology, AARP was able to push its AWS-hosted applications to production faster and at scale, with enhanced security. The most immediate impact of RASP was on AARP's vulnerability management service level agreements (SLAs). The immediate, permanent protection offered by RASP made AARP's backlog of vulnerabilities less critical, allowing development teams more time to fix vulnerabilities on their own schedule. This also freed up more time for the development of features that solve problems, deliver services to customers, and drive business. Additionally, RASP technology provided AARP with increased visibility into application attacks, events, and risks, feeding context-enriched perspectives from inside their applications into a SIEM to deliver better, smarter, actionable intelligence.

Download PDF Version

Overview

Imperva's RASP Solution Enhances AARP's Cyber Defense Program

Operational Impact