X

ScaleArc, an enterprise software provider, was facing a dual challenge of building brand recognition while pioneering a new software category, database load balancing software. The company was leveraging a comprehensive range of outbound marketing programs, including events, PR, content syndication, and e-mail nurture and partner campaigns. These programs generated a large number of contacts and inbound leads every month. However, these marketing-generated leads typically required multiple “touches” to drive further awareness of ScaleArc and to become better educated on the context of and need for the company’s solution. Given the need to drive education and awareness to build the sales funnel, ScaleArc wanted to augment the outreach beyond what their Business Development Reps (BDRs) could personally provide.

A leading bank in the Asia-Pacific region was faced with the challenge of meeting the Internet Banking Technology Risk Management (IBTRM) requirements. These requirements necessitated the bank to closely supervise and log database activities performed by privileged users. The bank operates over 1500 mission-critical databases, distributed across seven different nations, making it crucial to deploy a solution that can scale to monitor and audit all databases, in all locations. Centralized management was key for enforcement, efficient management, and on-going maintenance. The bank was also concerned about the impact a monitoring solution would have on database performance, hence needed to ensure a low impact solution that would not compromise the availability of its financial systems. IBTRM also required the bank to limit privileged access based on “need-to-know.” Reviewing and managing access privileges across 1500 databases mandated the bank to implement an automated solution for aggregating and analyzing access privileges. For enforcing configuration policies and patch levels the bank needed a quick, automated way to scan databases, find misconfigurations and identify missing patches. Lastly, the bank needed to ensure proper incident management and response.

Frontier Airlines, a low-cost air carrier, was facing a significant challenge with its online booking engine. The company noticed a higher than expected look-to-book ratio, indicating that many website visitors were viewing flights but not making purchases. Upon further investigation, it was discovered that 50 to 60% of the traffic was not legitimate but was generated by bot operators scraping pricing data and artificially inflating the look-to-book ratio. This influx of bots not only skewed Frontier’s ratio but also resulted in potentially large overage fees as the company partners with a third-party reservation system that requires it to meet a certain look-to-book ratio. Additionally, the bot visits skewed site analytics, hindering the company’s ability to optimize the customer journey and maximize both revenue and customer experience. Frontier’s previous attempts to combat bots, such as manual IP blocking, proved to be time-consuming and ineffective as bot sophistication had dramatically increased.

Datalex, a leading provider of a unified Digital Commerce Platform, was facing a significant challenge with bad actors scraping their customers' sites. This activity was diminishing SEO, luring away upsell and cross-sell opportunities, and increasing Global Distribution System (GDS) API pull costs. The travel industry, in which Datalex operates, is particularly vulnerable to such activities due to the valuable data available on their sites. Persistent scrapers were stealing content from travel sites, posting it on their own sites, and monitoring fare prices to undercut with lower fare offerings. One of Datalex's airline customers was being bombarded with deep-digging attacks, driving up backend payment costs. Even smaller customer sites were hit by bots multiple times a day, slowing them down or even taking them offline. Datalex had been using an anti-bot solution from F5 Networks, but it was proving ineffective in distinguishing good bots from bad ones and was burdensome to manage.

A leading North American life insurance company was grappling with the challenge of managing serious risks and ensuring compliance with regulatory standards. The company was struggling with the manual process of compliance proof and reporting, which was not only time-consuming but also prone to errors. The lack of automation in their processes was leading to inefficiencies and increased operational costs. The company was also unable to achieve 100% coverage of regulated data, which posed a significant risk to their operations. The challenge was to find a solution that could automate these processes, reduce expenses, and ensure comprehensive coverage of regulated data.

The healthcare organization, one of the largest nonprofit healthcare systems in the country, was faced with the challenge of protecting vast amounts of patient data. With over 400,000 people in the health system, the organization had to manage a sprawling environment that spanned structured data, unstructured data, and data stored in the cloud. The organization had to balance the clinicians’ needs for on-demand access to patient data against the risk of a data breach. In 2016, the organization embarked on a multiyear project to enhance the protection of patient data across the organization. However, a data security incident early in the project forced the organization to reevaluate its priorities.

TicketNetwork, a rapidly growing online ticket exchange platform, faced significant security challenges due to the nature of its business. The company, which facilitates transactions for third-party ticket sellers and buyers, is a prime target for hackers due to the high volume of credit card transactions it processes. As a Level 1 Service Provider, maintaining PCI compliance was a major corporate initiative for TicketNetwork. Despite not having experienced any data breaches, the company was keen to ensure that its security measures were robust and effective. Additionally, the company needed a solution that could handle massive traffic, block malicious IP addresses, and be deployed quickly for immediate compliance and security.

The customer, a major US Financial Services Provider, part of a Global Fortune 500 Company, was facing several challenges in securing its trading environment. The company needed clear visibility into its database traffic to monitor activity and identify risks. It was crucial to secure customer data and transactions within the online trading environment. The company also needed to ensure the high performance and availability of the database and services that actively support online trading processes. The company was also looking to automate compliance and reporting capabilities for regulatory standards such as GLBA, HIPAA, HiTECH, FISMA, SCC, SOX, ISO 27001 and the NIST Cybersecurity Framework. Protecting sensitive customer and trading information from insider abuse was another challenge. The company also needed to control access to cloud apps and confidential client information, including rich policy enforcement and IP address whitelisting. Lastly, the company needed to prevent DDoS / DNS attacks from compromising the client website.

A leading job site was facing several challenges due to unwanted bot activity on their platform. The site was being crawled by malicious bots, which were distorting web metrics and compromising the integrity of the site's traffic. This was particularly problematic as the site operates as an advertising platform for employers, making accurate traffic metrics crucial. The site's existing solutions, including a homegrown solution and utilities from their CDN, were only able to reactively block bots, not proactively prevent them. This meant that the team was unable to identify and block bots before they became a problem. Additionally, the unwanted bot traffic was consuming resources, driving up infrastructure costs, and negatively impacting the site's performance. The engineering team was also concerned about potential data theft by bots, and wanted to ensure they had complete control over their data.

e-Travel, a leading e-commerce travel specialist, was facing a significant challenge with web scraping bots. These bots, deployed by competitors and new entrants in the travel industry, were stealing e-Travel's data, including pricing information, and selling it to other competitors or auctioning it. This data theft was not only compromising the integrity of e-Travel's data but also straining its team and technical resources. The bots were scraping the sites so frequently that it was affecting the company's service quality. The company had to deploy additional resources to meet the bot demand, which was proving to be expensive. Additionally, the bots were skewing the company's look-to-book ratios and inflating advertising and GDS pull costs. The company's homegrown solution, 'Bot Hammer', was unable to keep up with the bots, and the bot problem persisted. In 2017, the company also faced a few denial of service attacks, adding to its operational challenges.

WMPH Vacations, a travel company specializing in cruise and resort vacations, was facing significant challenges with its network of 30 websites. The company's websites were under constant attack from hackers, competitors, unauthorized aggregators, and other malicious actors. The security threats included near-constant SQL injection attempts, aggressive price scraping, unauthorized vulnerability scanning, and spam. The form spam was particularly problematic as it polluted the company's backend systems, requiring managers to manually sift through forms to remove spam. Despite implementing CAPTCHAs and creating filters, these techniques proved ineffective and required constant maintenance. Additionally, web scraping was negatively impacting site performance, slowing response times, and affecting customer service and transactions with partners. The company was using AWS ELB to manually block IPs, but this was a never-ending task due to bot operators changing and masking IPs.

The European-based company, one of the largest prepared-food delivery chains on the continent, was facing a significant challenge in 2014. Cyberattacks on the company’s website were increasing in frequency and severity, leading to customer complaints and potentially damaging the company's reputation and market position. The company needed a solution to block the harmful traffic that was negatively impacting the customer ordering experience, while ensuring that legitimate eCommerce traffic continued to reach the website. The challenge was not only to protect the company's digital assets but also to maintain a seamless and efficient customer experience. The situation was further exacerbated during the pandemic, with an increase in food delivery orders and a simultaneous surge in cyberattacks.

LeoVegas, a rapidly growing mobile gaming company, was committed to creating the ultimate mobile gaming experience for its players. This commitment involved ongoing efforts to improve the security, availability, and performance of its website, which directly impacted the company's bottom line. A key business requirement was reducing the risk of a DDoS attack against the website, a prevalent issue in the gaming industry often initiated by disgruntled players. Although LeoVegas had not yet been targeted, the company believed it was only a matter of time given its growth and industry position. To protect against service disruption, LeoVegas sought an always-on DDoS mitigation solution that would not add latency to overall website performance. As the company expanded into more countries and markets, regulatory compliance became a top concern. Each country required more audits and had different compliance issues that needed to be addressed. LeoVegas required a security solution that could support automated compliance reports and meet PCI-level standards. Additionally, the company sought a solution that could provide better visibility into its website traffic for marketing purposes.

A global computer technology company was facing significant challenges in meeting the criteria for various regulations including the Sarbanes–Oxley Act (SOX), Payment Card Industry Data Security Standard (PCI-DSS), and Statement on Auditing Standards No. 70 (SAS 70). The company was using IBM Guardium to secure their databases, but the high cost of ownership and operational inefficiencies were proving to be a major hurdle. The company was unable to expand their IBM Guardium deployment beyond the 500 databases it covered due to the overwhelming amount of labor required. This left some critical databases unmonitored, introducing compliance and security risks. The high labor cost was mainly due to Guardium’s architecture deficiencies, which required a large number of virtual appliances to cover the company’s 500 databases. The volume of virtual appliances made the deployment complicated and costly to operate. Furthermore, Guardium’s integration with the company’s Remedy change ticketing and workflow system was cumbersome, and presented many challenges.

SOKA-BAU, a German company providing benefits, compensation, and pension insurance services for 70,000 construction companies, faced a significant challenge in their digital transformation journey. They aimed to provide self-service web applications to their customers and covered employees, which meant exposing their applications to the Internet. However, before they could enable online self-service, they needed to ensure that the sensitive compensation and financial information in their backend databases was completely secure from unauthorized access. The security solution also had to stand up to the scale and availability rigors required from an application with over 650,000 end users. Adding to the challenge was the heterogeneous environment, including database and application server products from several leading vendors, running both custom and packaged applications.

Accor North America, a Dallas-based hotel company operating more than 1,200 hotels, was facing a significant challenge with its online reservations system. Despite having multiple layers of defense, including Secure Sockets Layer (SSL) encryption, the company was concerned about the potential for SSL to be exploited by malicious hackers. SSL, while excellent for protecting consumer information, could also provide a cover for hackers trying to infiltrate the system. More than half of Accor's reservations were made through the web, making the security of this system crucial. The company had an intrusion-prevention system and a perimeter firewall in place, along with standard server hardening techniques. However, the potential vulnerability of the SSL tunnel was a significant concern.

Betfred, the 4th largest bookmaker in the UK, was facing a significant proportion of bad bot traffic on its domains, with the volume of bad bots reaching as high as 87% of all web traffic. This was causing a strain on the IT team and wasting bandwidth and infrastructure resources. The company was also dealing with a high frequency of account takeover attacks, with up to 30 brute force credential stuffing attacks on login pages in a month. The backend systems were constantly busy, and the CPU utilization of their IPS/IDS was around 40% dealing with normal traffic. The company also faced issues with inconsistent mitigation strategies, stretched thin team resources, aggressive unauthorized scraping of betting odds, and vulnerability scans looking for weaknesses. The bot problem was one that Betfred tried to tackle internally, using other tools like their DDoS, WAF and IPS/IDS. But soon realized those tools were not built to deal with sophisticated bot operators who could easily circumvent traditional security solutions.

One of the world’s top 100 Universities, with a presence on four continents, was facing challenges with its network security controls and visibility to protect its assets. The University's expanding database and the changing landscape of external threats had pushed its network security controls to the limit of acceptable risk mitigation. The University was keen on attaining the ISO27001 certification for a small subset of clinical registries, which further emphasized the need to enhance network security. The University needed to protect web applications in multiple cloud environments and support WAF on the Microsoft Azure Platform, while maintaining an on-premises footprint for legacy applications. The solution had to be cloud and on-premise, multi-cloud provider, SaaS, with timely delivery and speed of execution, and cause minimal disruption to the business and end users during deployment.

The North American insurance company, with a history of 150 years, was facing a significant shift in its security strategy. As the company grew, so did the pressures of regulations and customer expectations, leading to a shift from compliance to security use cases. The company's customers were increasingly considering their own potential risks when determining what insurance services to use. This, combined with the added complexity of regulations such as GDPR, CCPA, and NYFDS, and the very visible data breaches in the news, made it critical for the company to stay ahead of it. The company was using IBM Guardium™ Database Activity Monitoring (DAM) for data compliance and governance. However, the new security emphasis created a significant focus on proactively managing the detection and prevention of unauthorized activities around sensitive data. This led to a re-evaluation of the IBM Guardium™ tool for its data security potential. The company needed a solution that could cover additional databases that Guardium™ did not support, eliminate the manual labor that traditionally comes with security incident response, and provide easy access to long-term audit information for reporting and forensic investigation.

One of Europe’s largest independent online beauty retailers was facing a serious issue with web scraping. The retailer suspected that its competitors were using advanced bots to scrape pricing and inventory data from its website, allowing them to match prices and products quickly. The retailer noticed that a lot of its traffic was not from real users but from competitors spying on them. The reaction time to changes made on their website was too quick to be human, indicating the use of bots. The retailer's solutions developer found a lot of bot traffic on the site, some of which could be traced back to the static IP of their competitors’ offices. Initially, the retailer tried to block the bad bots manually, but this turned into an endless game of whack-a-mole as the bots started spoofing the headers and it became difficult to determine whether an address was genuine or not. The task became more and more time-consuming, and soon they were spending a day and a half every week checking for bots.

Grupo VR, a Brazilian company that provides employee benefits in the form of debit cards, faced a significant challenge in ensuring the security and integrity of its confidential information. With a yearly revenue of $2 billion and employing more than 400 people across 12 branches in Brazil, the company had a considerable need for a safe and reliable connectivity infrastructure. The company's employees and third-party suppliers required substantial remote access to the company's systems. As the company evaluated remote-access solutions from several different companies, it sought a solution that would support its diverse requirements while minimizing the complexity of deploying and supporting remote access to applications. The solution also needed to ensure the security of the network for all types of remote-access scenarios.

Skipton Building Society, the seventh largest building society in the UK, faced a significant challenge in maintaining data integrity and security. In 1998, the society decided to upgrade its IT environment by replacing 'dumb' terminals connected to a mainframe environment with a network of desktop computers, many of which were connected to the internet. This move, while beneficial for operational efficiency, posed a significant security risk. The society needed a comprehensive security solution that could guard against the introduction of malicious code, unlicensed software programs, and unauthorized removable media devices. The solution also needed to maintain data integrity and prevent data theft, a critical requirement given the sensitive nature of the financial data the society handles.

Travelex, a global leader in foreign exchange services, faced significant challenges in securing its distributed network. With over 300 workstations in 200 retail locations across the United States and Canada, the company needed to ensure the secure exchange of proprietary financial data across its network. However, many branch locations were connecting to the internet through unsecured dial-up, making it difficult to ensure that all remote locations had the latest antivirus signatures. This situation made certain offices susceptible to aiding virus outbreaks. Additionally, connection speeds varied widely across branches, making it unreliable to push out patches when security upgrades were necessary.

Sooki Co., Ltd., a company specializing in rentals, sales, and repairs of survey and measurement devices, was expanding its business to include 3D application services for various industries. To ensure secure use of these applications by customers from plants, offices, and research centers, Sooki needed to install a unified threat management (UTM) appliance in its data center. The company also needed to provide a low-cost, integrated gateway security system, reduce operating overhead, and provision a uniform security environment for all customer locations. Furthermore, Sooki faced the challenge of constructing a network environment that would allow the construction site, JV office, and each general contractor location to access Sooki’s Tokyo data center via the Internet and use the application. The varying PC environments and inadequate equipment at some sites posed additional challenges.

British Car Auctions (BCA), Europe’s leading vehicle remarketing company, faced a significant challenge as it expanded its operations across Europe. With 14 centers in 9 different countries, BCA required a highly secure solution to provide its European sites with access to the financial systems and database hosted in the London data center. Additionally, BCA was in the process of developing a centralized auction system to replace the multiple independent applications being used across Europe. The challenge was to find a solution that could provide secure, reliable, and cost-effective network connections for multiple auction sites, ensuring high security, availability, and performance for transactions.

Southern Housing Group, a not-for-profit housing association in southeast England, was facing a persistent security problem. The organization, which has an extensive network of remote offices, was struggling with security management despite outsourcing it. Viruses and other intrusions were affecting network performance and user productivity. The Group's network included a head office, an operational center, four regional offices, and approximately 60 estate offices and temporary on-site project management offices. The number of remote locations fluctuated as projects were started and completed. The Group had a cost-effective site-to-site IP virtual private network (VPN) connecting all the locations. However, the dynamic environment and the extensive network made security management a significant challenge.

Symsoft AB, a telecommunications company, provides innovative services to operators, enabling them to offer subscribers new services such as multimedia messaging. With a small team of 60 employees, Symsoft has a global reach, installing its Java-based software on open servers shipped to customer locations across three continents. The company is obligated to provide 24-hour support for its customers, requiring them to log on to the Symsoft network and connect remotely to customer installations anywhere. This global reach and remote access to customer's real-time, mission-critical systems make security a vital concern. Compromised security could lead to significant revenue losses for a customer and potentially damage Symsoft's reputation. As a software developer, Symsoft also needs to protect its main asset—its source code—from theft or damage by network intruders.

Dakota Internet Partners, a leading Internet Service Provider (ISP) in southern Arizona, was seeking to provide its customers with value-added services that would give them a competitive edge. The company identified network security services as a logical extension of its existing business model. However, providing customers with a security solution was only the first piece of the puzzle. Dakota Internet Partners also required a solution that included a platform for managing numerous, geographically dispersed security appliances from a central location. The company needed to minimize up-front investment in IT infrastructure, provide centralized security management and service provisioning, and deploy seamless integration with existing back office and provisioning solutions.

The Equitable Bank, one of the largest consumer lenders in Wisconsin, faced a significant challenge in providing a network with enterprise-class performance and security across its 10 locations. With a limited budget and IT staff, the bank needed to ensure quick loan approvals and instant access to centralized information for its loan originators. Additionally, the bank had to comply with stringent state and federal laws regarding customer privacy and data security. The bank's existing slow frame relay network was not sufficient to meet these demands, and a more robust, secure, and efficient solution was required.

The Ritz London, a legendary hospitality establishment, is renowned for its attention to detail and guest confidentiality. However, a security incident involving the theft of a PDA belonging to the IT manager, Richard Isted, highlighted a significant challenge. The stolen PDA was synchronized to Richard's email, and the existing security measures required the device to connect back to the mobile network to self-destruct. This system was deemed insufficient for lost or stolen devices. Furthermore, Richard needed a solution that would protect the information on all mobile devices used by The Ritz's executives without compromising usability. Many executives used their PDAs for email communication and viewing downloaded files, pictures, or music. Therefore, the solution needed to be user-friendly, fast, and transparent, and allow for a degree of flexibility to accommodate both work-related and personal use.