Download PDF
Finn AI's Implementation of Fastly's Next-Gen WAF for Enhanced API Security
Technology Category
- Analytics & Modeling - Natural Language Processing (NLP)
- Application Infrastructure & Middleware - Middleware, SDKs & Libraries
Applicable Industries
- Equipment & Machinery
- National Security & Defense
Applicable Functions
- Quality Assurance
Use Cases
- Supply Chain Visibility
- Tamper Detection
Services
- System Integration
- Testing & Certification
The Challenge
Finn AI, a provider of AI-powered virtual assistance for banks and credit unions, faced a significant challenge in securing their business-critical APIs. The company, which uses natural language processing technology (NLP) to enable conversational AI technology for financial institutions, needed a solution that would provide visibility into API discovery attempts by malicious threat actors and the ability to stop unusual activity against these APIs. Despite having a relatively small attack surface due to the absence of a client-side frontend, Finn AI's APIs still required effective protection. The company sought a solution that would install easily, scale effectively, be light on resources, and provide protection against OWASP Top 10 and zero-day exploit attempts.
About The Customer
Finn AI is a technology company that provides AI-powered virtual assistance for banks and credit unions, aiming to enhance their digital customer experience. The company uses natural language processing technology to enable conversational AI technology for financial institutions, allowing bank customers to manage personal finances through simple voice or text-based interactions. In 2022, Finn AI was acquired by Glia, a leading provider of Digital Customer Service. Finn AI operates as middleware, working between the commercial frontends and SDKs of a bank’s apps, including mobile apps.
The Solution
Finn AI, which operates as middleware between the commercial frontends and SDKs of a bank’s apps, chose Fastly to run alongside its core Node.js for effective inspection of API requests. As Finn AI operates within Amazon Web Services, it was crucial to find a solution with a cloud-native focus. Fastly’s Next-Gen WAF was selected for its machine learning-based approach to protection against zero-day attacks. The solution provides visibility across the attack surface and a proactive defense. It also allows Finn AI to maximize IT staff utilization while building security resilience. The Next-Gen WAF provides feedback on persistent attack attempts, making it easy to use and improving Finn AI's security posture across their IT stack. Additionally, actionable alert feedback via alerts sent to various DevOps tools like Slack and Jira allows Finn AI to better analyze the attack surface.
Operational Impact
Related Case Studies.
Case Study
Smart Water Filtration Systems
Before working with Ayla Networks, Ozner was already using cloud connectivity to identify and solve water-filtration system malfunctions as well as to monitor filter cartridges for replacements.But, in June 2015, Ozner executives talked with Ayla about how the company might further improve its water systems with IoT technology. They liked what they heard from Ayla, but the executives needed to be sure that Ayla’s Agile IoT Platform provided the security and reliability Ozner required.
Case Study
IoT enabled Fleet Management with MindSphere
In view of growing competition, Gämmerler had a strong need to remain competitive via process optimization, reliability and gentle handling of printed products, even at highest press speeds. In addition, a digitalization initiative also included developing a key differentiation via data-driven services offers.
Case Study
Predictive Maintenance for Industrial Chillers
For global leaders in the industrial chiller manufacturing, reliability of the entire production process is of the utmost importance. Chillers are refrigeration systems that produce ice water to provide cooling for a process or industrial application. One of those leaders sought a way to respond to asset performance issues, even before they occur. The intelligence to guarantee maximum reliability of cooling devices is embedded (pre-alarming). A pre-alarming phase means that the cooling device still works, but symptoms may appear, telling manufacturers that a failure is likely to occur in the near future. Chillers who are not internet connected at that moment, provide little insight in this pre-alarming phase.
Case Study
Premium Appliance Producer Innovates with Internet of Everything
Sub-Zero faced the largest product launch in the company’s history:It wanted to launch 60 new products as scheduled while simultaneously opening a new “greenfield” production facility, yet still adhering to stringent quality requirements and manage issues from new supply-chain partners. A the same time, it wanted to increase staff productivity time and collaboration while reducing travel and costs.
Case Study
Integration of PLC with IoT for Bosch Rexroth
The application arises from the need to monitor and anticipate the problems of one or more machines managed by a PLC. These problems, often resulting from the accumulation over time of small discrepancies, require, when they occur, ex post technical operations maintenance.
Case Study
Robot Saves Money and Time for US Custom Molding Company
Injection Technology (Itech) is a custom molder for a variety of clients that require precision plastic parts for such products as electric meter covers, dental appliance cases and spools. With 95 employees operating 23 molding machines in a 30,000 square foot plant, Itech wanted to reduce man hours and increase efficiency.
