Business Challenges & Requirements
- The company was in search of a WAAP that they could deploy for protecting both their public-facing and internal usage systems (hundreds of applications)
- Despite exploring distinct options, they found it tough to find a WAF that guaranteed day zero deployment with zero downtime
- The organisation was extremely concerned about the application’s uptime after deploying a WAAP, as downtime to any application would significantly affect its business operations. They wanted an uptime SLA of at least 99.999% for all their sites from the vendor
- Additionally, the security team also wanted a vendor who could manage the false positives below 1% and offering comprehensive protection against various application attacks
- Continuous monitoring of all their applications and prompt alerts and, blocks of complex attacks was an additional requirement
- Given the importance of security and the oversight from the board, the management team needed detailed report highlighting the attack details to share in Quarterly Business Reviews with the board
Solution by Indusface :
Structured deployment of hundreds of applications
- Indusface deployed the all the applications on AppTrana WAAP in block mode with zero downtime
Uptime
- Indusface guaranteed a 100% SLA with the AppTrana WAAP (hosted on AWS). Furthermore, AppTrana’s architecture is designed for large failures – applications can be directly bypassed from WAAP, and the downtimes can be further avoided
- Furthermore, Indusface also ensured round-the-clock protection against DDoS and bot attacks through auto-scaling an unmetered protection. The customer was charged only for the legit traffic that passed to their origin server
Zero false positives
- Indusface provided zero false positives assurance to the organization on all security policies including core rules, application specific custom rules and zero-day vulnerabilities
Comprehensive protection with 24*7 support & virtual patching
- AppTrana WAAP blocked most of the DDoS, bot, zero-day, and vulnerability-focused attacks with its core rules
- In case of any custom/targeted attacks, the Indusface 24*7 managed security services team made sure to monitor and alert these attacks to the customer instantly and created SLA-backed virtual patches to thwart the attacks
Reporting
- The AppTrana dashboard comes with a 360º unified view that provides details of the entire application & API security risk posture, insights into the cyber-attacks and steps taken to mitigate them
- The management team of the company were provided with a consolidated report for quarterly business review, which they could further share with the board members and take necessary steps to improve their security posture
With the help of all the above solutions addressing the specific needs of the customer, Indusface has become a trusted partner for them and has been keeping their business protected ever since 2019
Results:
- Zero-onboarding time with hundreds of applications deployed in block mode
- Successfully protected over a hundred public-facing and internal usage applications
- Millions of DDoS, bot, zero-day, and API attacks blocked over a span of 5 years
- Recorded zero cases of downtime since the deployment of AppTrana
