The Challenge
DigiCert was already using Imperva’s SaaS Web Application Firewall (WAF) to protect many of their on-premises applications when they first began migrating some of their workloads to Amazon Web Services (AWS). At the time, they were using another vendor for DDoS mitigation on AWS. However, DigiCert was not satisfied with this offering because it excessively scrubbed traffic and, in many cases, blocked legitimate traffic.
Given the nature of DigiCert’s business, they are subjected to some form of attack (usually multiple attacks) on a daily basis. As their usage of AWS grew, and they embraced a true hybrid model, DigiCert realized they needed a new security solution. To eliminate management complexity, DigiCert wanted a solution from a single provider that delivered both WAF protection and DDoS mitigation across their entire hybrid environment. The solution would have to manage risk and monitor all traffic to rapidly identify threats, while only allowing valid traffic to gain access to their applications.
They knew from their previously negative DDoS protection experience that lowering false positives was a key requirement. They also wanted assurance of rapid response to minimize potential business interruption. In addition, because of time and resource constraints, they wanted to automate as much of the security process as possible. After doing their research and testing, DigiCert determined that Imperva, an APN Security Competency Partner, met all their application security needs.
The Solution
DigiCert implemented Imperva to protect their hybrid environment. They were already using Imperva’s WAF on-premises to defend against Layer 7 attacks, known threats, and zero-day attacks to rapidly identify the threats that required investigation. By expanding their usage of Imperva, DigiCert was able to extend protection to AWS and maintain their security posture both during and after migration.
Imperva’s sophisticated threat detection technology draws upon vast experience in the WAF market. As traffic passes through their network, advanced client classification technology (together with crowdsourcing and IP reputation data) automatically analyzes it to identify and block web application attacks. These include SQL injection, cross-site scripting, illegal resource access, comment spam, site scraping, malicious bots, and other top threats. Granular filters and controls reduce false positives and prevent access from unwanted visitors, while IP address shielding hides the web server’s IP address.
As a result, Imperva has protected DigiCert’s AWS workloads for the entire time they have been running on the cloud. The Imperva solution has enabled DigiCert to improve visibility into their application environment, both on-premises and on AWS, and is continuously monitoring behavior and sending automated alerts when suspicious activity is discovered. The versatility of Imperva’s solution provides fully integrated protection for DigiCert’s hybrid application workloads and allows them to manage their security efforts from a single pane of glass.
With more than 40 Network Operations Centers (NOCs) around the world, the DDoS protection provided by Imperva is able to scrub 6-plus Terabits-per-second of network traffic with a 3-second SLA to mitigate attacks. This enables the Imperva team to be very responsive, whether they are answering questions or troubleshooting as needed.
The Benefits
DigiCert has greatly reduced the risk of application outage and has been able to seamlessly protect their applications and data from web application exploits. These aspects of Imperva’s security solution, working in conjunction with the AWS Shared Responsibility Model, have successfully protected DigiCert’s application and data workloads on the cloud.
According to Aaron Blakely, DigiCert’s Director of Global Security Operations, what really impressed them about Imperva was, “the amount of capacity they could take on, because some of the attacks we have seen have been pretty big, and we were concerned that other solutions would not have been able to protect us.”
DigiCert has also benefitted greatly from the WAF’s Layer 7 protection capabilities, and comprehensive DDoS protection they have received from Imperva, which uses a multi-step approach to quickly and thoroughly identify traffic which could pose a threat.
In addition, DigiCert has been able to realize the value of consistently ensuring that sufficient security strategies are in place to not only protect their resources, but also help them remain compliant with regulatory requirements.
By working with Imperva, DigiCert has discovered suspicious activity more quickly and dealt with these threats before they became problems that could impact their business. Imperva has helped the company identify and investigate real threats instead of wasting cycles chasing false positives, allowing their security staff to remain focused and efficient. All told, DigiCert has had a tremendous experience working with Imperva.
A Small Price for Secure Outcomes
From the outset, DigiCert appreciated the ease of deployment provided by Imperva. The solution was implemented quickly, and immediately scaled to their needs in their data center and on AWS. Employing Imperva’s WAF protection and DDoS mitigation has enabled DigiCert to get the application security they need. One example of the solution’s effectiveness was seen when DigiCert was subjected to a large-scale attack that lasted for three days. Throughout this attack, the Imperva offering continued to adapt and keep DigiCert’s applications secure and available, with no outages.
The DigiCert team also benefits from Imperva’s convenient user interface, which allows them to accomplish much more with fewer committed resources. They are able to see the number of attacks that Imperva has defended against on a daily basis.