Signal Sciences Case Studies Microservices and API Security Enhancement for OFX’s International Wire Transfer Business

	Microservices and API Security Enhancement for OFX’s International Wire Transfer Business Signal Sciences

Microservices and API Security Enhancement for OFX’s International Wire Transfer Business

Signal Sciences

Technology Category	Application Infrastructure & Middleware - Event-Driven Application Cybersecurity & Privacy - Application Security
Applicable Industries	Electrical Grids National Security & Defense
Applicable Functions	Quality Assurance
Use Cases	Supply Chain Visibility Tamper Detection
Services	Cloud Planning, Design & Implementation Services Testing & Certification
Challenge	OFX, an international financial transfer platform based in Sydney, Australia, processes over $22 billion annually through its web application. Having recently migrated to the cloud, OFX sought to increase visibility and protection against Open Web Application Security Project (OWASP) attacks and authentication abuse in its cloud-first microservices infrastructure. Partners interact with the OFX platform via APIs that communicate with microservices within the OFX network. The Head of Digital Security, Richard Lane, was tasked with building the security program and team. He aimed to ensure that their microservices weren’t implicitly trusting others and sought a product that would provide visibility. He wanted a solution that would be easy to install, use, and effectively block malicious traffic automatically, including logins, without causing production incidents. Read More
About Customer	OFX is an international financial transfer platform based in Sydney, Australia. It processes over $22 billion annually through its web application. The company recently completed a total migration to the cloud over a period of three years. OFX's partners interact with the platform via APIs that communicate with microservices within the OFX network. The company was looking for a solution to increase visibility and protection against Open Web Application Security Project (OWASP) attacks and authentication abuse in its cloud-first microservices infrastructure. Read More
Solution	OFX deployed Signal Sciences in their mid-tier environment with an agent on their web servers. This allowed them to gain deep application visibility. Using Signal Sciences web server module plugins that communicate with lightweight agents, the security team and cloud architect were able to deploy easily without taxing the engineering team. After installing the software in minutes, the security team used Signal Sciences to uncover application errors and address root causes more efficiently and effectively. The quality assurance team uses Signal Sciences monitoring via easy-to-consume dashboards as a part of their release protocols to catch any issues quickly. They also used Signal Sciences Power Rules for successful and failed login attempts to establish a baseline for their normal authentication traffic. With a low risk tolerance and low traffic volume, OFX used Power Rules to create custom thresholds to alert and block malicious authentication traffic aggressively whenever it deviates from normal behavior. Read More Log in to view content
Contents

Technology Category

Application Infrastructure & Middleware - Event-Driven Application

Cybersecurity & Privacy - Application Security

Applicable Industries

Electrical Grids

National Security & Defense

Applicable Functions

Quality Assurance

Use Cases

Supply Chain Visibility

Tamper Detection

Services

Cloud Planning, Design & Implementation Services

Testing & Certification

Challenge

OFX, an international financial transfer platform based in Sydney, Australia, processes over $22 billion annually through its web application. Having recently migrated to the cloud, OFX sought to increase visibility and protection against Open Web Application Security Project (OWASP) attacks and authentication abuse in its cloud-first microservices infrastructure. Partners interact with the OFX platform via APIs that communicate with microservices within the OFX network. The Head of Digital Security, Richard Lane, was tasked with building the security program and team. He aimed to ensure that their microservices weren’t implicitly trusting others and sought a product that would provide visibility. He wanted a solution that would be easy to install, use, and effectively block malicious traffic automatically, including logins, without causing production incidents.

About Customer

OFX is an international financial transfer platform based in Sydney, Australia. It processes over $22 billion annually through its web application. The company recently completed a total migration to the cloud over a period of three years. OFX's partners interact with the platform via APIs that communicate with microservices within the OFX network. The company was looking for a solution to increase visibility and protection against Open Web Application Security Project (OWASP) attacks and authentication abuse in its cloud-first microservices infrastructure.

Solution

OFX deployed Signal Sciences in their mid-tier environment with an agent on their web servers. This allowed them to gain deep application visibility. Using Signal Sciences web server module plugins that communicate with lightweight agents, the security team and cloud architect were able to deploy easily without taxing the engineering team. After installing the software in minutes, the security team used Signal Sciences to uncover application errors and address root causes more efficiently and effectively. The quality assurance team uses Signal Sciences monitoring via easy-to-consume dashboards as a part of their release protocols to catch any issues quickly. They also used Signal Sciences Power Rules for successful and failed login attempts to establish a baseline for their normal authentication traffic. With a low risk tolerance and low traffic volume, OFX used Power Rules to create custom thresholds to alert and block malicious authentication traffic aggressively whenever it deviates from normal behavior.

Impact #1	The deployment of Signal Sciences in OFX's mid-tier environment resulted in a significant improvement in their security measures. The solution provided deep application visibility, allowing the security team to uncover application errors and address root causes more efficiently and effectively. The quality assurance team was able to use Signal Sciences monitoring via easy-to-consume dashboards as a part of their release protocols, enabling them to catch any issues quickly. The use of Signal Sciences Power Rules for successful and failed login attempts helped establish a baseline for their normal authentication traffic. This allowed OFX to create custom thresholds to alert and block malicious authentication traffic aggressively whenever it deviated from normal behavior, thereby enhancing their security protocols.

Impact #1

The deployment of Signal Sciences in OFX's mid-tier environment resulted in a significant improvement in their security measures. The solution provided deep application visibility, allowing the security team to uncover application errors and address root causes more efficiently and effectively. The quality assurance team was able to use Signal Sciences monitoring via easy-to-consume dashboards as a part of their release protocols, enabling them to catch any issues quickly. The use of Signal Sciences Power Rules for successful and failed login attempts helped establish a baseline for their normal authentication traffic. This allowed OFX to create custom thresholds to alert and block malicious authentication traffic aggressively whenever it deviated from normal behavior, thereby enhancing their security protocols.

Benefit #1	OFX processes over $22 billion annually through its web application.
Benefit #2	The software was installed in minutes, saving time and resources.
Benefit #3	OFX was able to gain deep application visibility, improving security measures.

Benefit #1

OFX processes over $22 billion annually through its web application.

Benefit #2

The software was installed in minutes, saving time and resources.

Benefit #3

OFX was able to gain deep application visibility, improving security measures.

Download PDF Version

Overview

Microservices and API Security Enhancement for OFX’s International Wire Transfer Business

Operational Impact

Quantitative Benefit