Imperva

DigiCert, a provider of scalable TLS/SSL and PKI solutions, was facing challenges in securing their AWS environment. They were already using Imperva’s SaaS Web Application Firewall (WAF) to protect their on-premises applications, but their existing DDoS mitigation solution on AWS was not satisfactory. The solution was excessively scrubbing traffic and blocking legitimate traffic. As DigiCert's business is subjected to daily attacks, they needed a robust security solution that could manage risk, monitor all traffic, rapidly identify threats, and only allow valid traffic to access their applications. They wanted a solution from a single provider that could deliver both WAF protection and DDoS mitigation across their entire hybrid environment. The solution also needed to lower false positives, assure rapid response to minimize potential business interruption, and automate as much of the security process as possible due to time and resource constraints.

The customer, a leading global IT services provider, was seeking to enhance its security credentials to win a lucrative contract with a major North American financial institution. The challenge was to restrict access to sensitive data and improve the protection of customer information. The customer also needed to comply with consultant security policies in training, development, and testing environments, and establish greater controls for alternative development opportunities like offshore initiatives. Furthermore, the financial institution required a solution that could achieve secure, realistic data reproduction and integrated masking across multiple database types and applications.

DigiCert, a leading provider of scalable identity and encryption solutions, was already using Imperva’s SaaS Web Application Firewall (WAF) to protect their on-premises applications when they began migrating some of their workloads to Amazon Web Services (AWS). However, they were not satisfied with their existing DDoS mitigation solution on AWS, as it excessively scrubbed traffic and often blocked legitimate traffic. As DigiCert's usage of AWS grew, they realized the need for a new security solution that could manage risk, monitor all traffic, rapidly identify threats, and only allow valid traffic to access their applications. They wanted a solution from a single provider that could deliver both WAF protection and DDoS mitigation across their entire hybrid environment. The solution also needed to lower false positives, assure rapid response to minimize potential business interruption, and automate as much of the security process as possible due to time and resource constraints.