The Mississippi Secretary of State, which provides information and services to citizens through eight different divisions, was facing a significant challenge in upgrading its security posture to protect against advanced threats such as ransomware. The agency was in need of a solution that could simplify management and provide comprehensive advanced threat prevention from network to endpoint. The solutions previously deployed lacked capabilities such as sandboxing that could accurately stop and analyze potential threats. Endpoint protection was a traditional, signature-based antivirus product that not only missed malware and advanced threats, but also negatively impacted users’ PC performance. The agency also lacked adequate visibility into threats and actionable information for combating them.

The American low-cost airline, operating scheduled and charter flights across 120 locations, faced a significant challenge in securing its virtual desktop infrastructure environment. The airline had previously supplied laptops for staff and deployed physical firewalls at each location. However, because traffic was shared over a common network, any security or network problem at one airport could potentially affect all locations. The infrastructure was not only costly but also difficult to manage consistently. As the threat landscape intensified, the airline’s team wanted to simplify their network design, bring more automation into their releases, and increase their ability to prevent attacks across an increasingly virtualized infrastructure. The airline chose to deploy VMware NSX in their datacenter and implement a virtual desktop infrastructure (VDI) delivered over Internet links to all airports. This move aimed to simplify network management, deliver greater agility, and enable the team to micro-segment traffic with policies specific to each segment for higher resiliency.

State Transport Leasing Company (STLC), a leading Russian leasing company specializing in transport, was facing several challenges related to its cyber security. The company needed to consolidate multiple security solutions to simplify management and improve security. The corporate network was under constant threat from both external and internal sources, and there was a need to protect against advanced and zero-day threats. The company also wanted to enhance endpoint security without interrupting the business flow. The challenge was to increase security effectiveness and ease the workload of the security admin. In recent years, the company had faced issues related to data protection, including unauthorized access to corporate resources and threats posed by ransomware. While the IT team was able to prevent these issues as they arose, the management realized the need for proactive threat prevention to avoid potential damage to the business.

Optimal media GmbH, a leading media services provider in Europe, faced significant challenges in protecting its intellectual property and preventing the loss of sensitive customer data. The company's IT department was responsible for network and IT security systems for all eight of Edel AG’s European offices. The data they received from customers for the production of CDs or records contained highly sensitive information and intellectual property that required robust protection. The International Federation of the Phonographic Industry (IFPI) audited the IT security systems at optimal media each year, and the company had always passed. However, the threat level was becoming increasingly critical, and the time required to prepare for the audits was becoming unmanageable. Their existing, outdated firewall solution was insufficient for long-term use as it could not handle unknown threats.

The U.S. Public Health Services Provider, a leading West Coast provider of emergency health services, was faced with the challenge of securing its patients’ highly sensitive data. With over two million patients and more than 90 locations, the organization was a prime target for malicious actors. The potential breach of information such as patients’ medical information, social security numbers, and personal addresses could lead to disastrous results including identity theft, insurance fraud, and data manipulation leading to mistreatment. Additionally, the organization had critical medical devices that required internet connectivity. Any compromise in connectivity due to an attack could result in serious repercussions to patients receiving emergency care, including delays in treatments, worsening of conditions, or even death. The organization needed a solution that would not just detect advanced threats to its network, but ultimately prevent them from coming in.

Laurenty, a family group specializing in cleaning, road sweeping, building, and green spaces, faced a significant challenge in unifying its security standards across networks and endpoints. The company needed to comply with the European General Data Protection Regulation (GDPR) laws, which were set to come into force in 2018. In 2015, Laurenty realized that its IT security infrastructure was technically outdated and fragmented. The company was using several point products to address specific security challenges, which resulted in multiple consoles, different approaches, and no global visibility. Furthermore, the impending GDPR regulations required all European companies to demonstrate that all personal data held by them is protected, particularly against theft. Non-compliance could result in severe penalties of up to 4% of the company's annual turnover. To protect its laptops against data breaches, Laurenty needed a strong encryption solution.

OpenLink, a global leader in asset management solutions for the energy, corporate and financial industries, faced several challenges. The company needed to secure public cloud environments for each of its clients, increase client servicing capacity while minimizing physical infrastructure and management requirements, and reduce infrastructure costs while increasing competitive advantage. OpenLink's solutions were typically deployed in clients’ own data centers, built with high amounts of excess processing capacity to handle peak periods of demand. This resulted in high capital investment, maintenance, and support costs. For smaller clients without large data centers, OpenLink began hosting customer workloads and data in its own data center, functioning as a service or hosting provider, processing large amounts of client data. This situation led OpenLink to consider a service delivery architecture that included public cloud to support more clients with less physical infrastructure and with the added flexibility to scale on demand for peak usage periods.

Edenred, a global leader in prepaid corporate services, faced several challenges in maintaining the security of its operations. The company needed to stop malicious files attached to emails from entering their network or users’ inboxes. They also had to manage consistent, end-to-end security across four continents, ensuring compliance with multiple security regulations. As a financial organization, Edenred was subject to the Payment Card Industry Data Security Standard (PCI DSS), banking regulations, transaction authorization requirements, and General Data Protection Regulation (GDPR) laws. The company needed to create security and compliance standards that encompass its operations in North America, Europe, Brazil, and Singapore. The challenge was to find a solution that provides not only the best protection but also can meet the most demanding compliance standards.

StubHub, a leading ticket marketplace, was facing a series of challenges due to the activities of malicious bots. These bots were scraping pricing and inventory data from StubHub's website, selling this proprietary information to competitors, and reposting it on other platforms. This not only led to StubHub's pricing being undercut but also resulted in the theft and misuse of customer accounts. The problem was further exacerbated by the availability of stolen login information and password reuse, which facilitated account takeovers leading to buyer and seller fraud. Additionally, StubHub's site was under constant attack from Advanced Persistent Bots (APBs) that could imitate human-like interactions and blend in with human traffic. These bots were causing a significant increase in site traffic, leading to skewed analytics and artificially low conversion rates.

Smallpdf, a Swiss company providing online PDF tools, faced a significant challenge in protecting its over a billion user accounts from sophisticated bot-driven brute force credential stuffing attacks. These attacks were not only a threat to the sensitive data held in user accounts but also posed a risk to the company's infrastructure. The brute force attacks could potentially impact website performance, causing slowdowns and disruptions for legitimate users. The company's security team was consistently dealing with large-scale botnets targeting their website, which could compromise user accounts if not effectively mitigated. The need to protect their users and maintain the performance of their authentication service was a top priority for Smallpdf.

Brock University, a leading Canadian institution, was facing a significant challenge with its IT infrastructure. The university's mainframe, proprietary database was no longer capable of supporting its online programs and corresponding web-based applications. As the university planned to move from its proprietary mainframe database to a Microsoft SQL Server environment, it was concerned about the protection of its applications and data. The new environment would support a wide array of homegrown, web-based front-end applications, including student self-service applications, administration, finance, and business applications. The university was also concerned about protecting its database against new vulnerabilities that could be introduced over time. Furthermore, the combination of its custom web applications, thousands of users, and database conversion project was going to present a significant number of opportunities for insider threats and external attacks. Given the magnitude of the conversion project and its limited IT resources, Brock wanted a solution that was easy to implement and didn't require a lot of manual tuning.

The organization, a leader in the property and casualty insurance industry, was grappling with the challenge of scaling data discovery across millions of data records. They were also tasked with monitoring hundreds of databases and fulfilling numerous data owner requests every week. The existing manual processes were time-consuming and inefficient, often taking up to four weeks to complete a single data inventory task. The organization was also struggling with managing data owner requests without expanding their staff. Additionally, the audit reporting process was cumbersome and inefficient, leading to a significant amount of time being spent on audit documentation.

A Real Estate service business was in the process of rapidly deploying Amazon RDS databases to enhance its operations. However, this swift transition posed a significant challenge for the company's audit team. They were required to keep pace with the rapid deployment and ensure that all the databases were compliant with the necessary regulations. The team was also under pressure to prepare for an audit that was scheduled in just 60 days. The challenge was to find a solution that could provide rapid coverage of the 8 RDS instances, automatically discover and classify sensitive data, and establish and retain an audit and forensic trail for all database activity.

National Bankcard Services (NBS) provides custom processing solutions for petroleum and convenience store markets, including an online service for retailers to offer various payment options. As part of its operations, NBS enables its customers to track sales from payment card usage through an online portal. To maintain its reputation, NBS must ensure that the sales and related private corporate information of their customers is protected from unauthorized access and data theft. The company was previously performing code reviews and manual code fixes for its web applications, a process that was both time-consuming and prone to human error. NBS needed to comply with PCI 6.6 to protect the online portal from all types of application threats. However, with a small IT staff, the solution needed to be easy to configure and maintain.

vli Limited, a UK-based company that develops and manages innovative web-based solutions, faced a significant challenge in securing its hosted web application platforms. With a customer base of around 100, all of vli’s servers were co-hosted at a data centre operated by a third-party provider. While managed firewalls were already deployed at the data centre, vli had not yet implemented a Web application firewall solution. The company was particularly concerned about SQL injection, a common form of automated application attack that could potentially pose a significant threat to their critical infrastructure. The company's expansion plan for 2009, which involved aggressively targeting the SME market and increasing the number of platforms hosted by them, further compounded the issue. vli needed a robust security solution that could secure their entire legacy, current, and future code, and be fully interoperable with other layers of security architecture.

TechSoup Global, a nonprofit organization based in San Francisco, California, provides other nonprofits with technology resources and support. Their product donation program, TechSoup Stock, allows nonprofits to access donated and discounted technology products, saving organizations over $1.4 billion in expenses as of June 2009. However, the organization faced a significant challenge in securing its web-based transaction processing infrastructure, which was a prime target for hackers due to the processing of donations through credit cards. After an unsuccessful breach attempt, TechSoup realized the need to go beyond traditional perimeter and desktop protection. The organization needed a comprehensive security solution that would effectively monitor and protect its applications from hackers, prevent the loss of sensitive data, and facilitate PCI compliance. The solution also needed to be easy to use and deploy, and require no changes to applications or the network.

Metro Bank, Britain’s first new High Street bank in over 100 years, was facing a significant challenge in improving employee productivity by enabling off-network access to Office 365 and Yammer. Despite having AirWatch Mobile Device Management (MDM) in place, the bank felt that the move was too risky due to the vital importance of protecting bank and customer data. The bank wanted to limit off-network access to corporate devices already managed with their AirWatch MDM deployment, but there was no straightforward way to enforce this policy with their existing tools. The bank's goal was to provide full access to Office 365 for corporate owned device users, on or off network, and to extend access to Yammer to personal device users. In the second phase, specific colleagues were to be given off-site access to the more-sensitive information within Dynamics CRM.

Drupal.org, a community of over a million developers, designers, trainers, strategists, coordinators, editors, and sponsors, faced a significant challenge with spam. Spammers created bogus accounts to post junk content on Drupal.org's website, which has a highly coveted Google PageRank of 9. This spam was damaging to the Drupal brand and risked lowering its PageRank value. The spam was not automated but posted by actual people, making it harder to mitigate. The staff and community volunteers had to spend considerable time manually identifying and removing spam, with some spending up to half their workday on this task. Additionally, the spammer accounts skewed the community engagement metrics, making it hard to gauge the actual growth and engagement of the community. The spam also took up unnecessary space in the database and backups.

PSCU, a credit union service organization, was facing a significant challenge in protecting its sensitive data from advanced targeted attacks. These attacks are multi-phased and designed to bypass the security perimeter, often targeting company employees as an entry point. PSCU had tokenization and encryption technology in place, but they understood that monitoring all access to sensitive information and responding to suspicious activity in real-time was crucial for enhancing their security posture. They needed a solution to monitor privileged users, who are often the prime target of advanced attacks, and locate unauthorized copies of databases. Additionally, PSCU wanted a dedicated malware detection solution to add to its layered defense strategy.

Partner Agent Inc., a leading innovator in the marriage services industry, was faced with the challenge of ensuring absolute security for its new B2B business initiatives. The company needed a security system that could be implemented with limited human resources, yet robust enough to safeguard web access and protect their extremely important customer information. The company was also looking for a reputable security vendor that could put their partners at ease. As the company expanded into B2B, it became imperative to have a Web Application Firewall (WAF) that offered absolute security. The company was entrusted with extremely personal details about its clients, making it crucial to have a reliable IT system as part of its business infrastructure. As the business underwent rapid expansion, the number of new features provided and their constant upgrading gave rise to new problems.

ALYN Woldenberg Family Hospital, Israel’s only pediatric rehabilitation facility, was facing a significant challenge in securing its website and customer database of over 70,000 patients. The hospital's IT team was particularly concerned about the security of their content management system (CMS), as they felt their existing cybersecurity vendor was not updating the security on their CMS frequently enough. This left them vulnerable to cyberattacks, a growing concern in the healthcare industry. The hospital also had to consider patient privacy and regulatory compliance in their search for a new cybersecurity solution. The cost-benefit ratio and the constraints of a small IT team meant they needed a managed system that was easy to integrate and required minimal upkeep. Initially hesitant to move to a cloud-based system due to strict government regulations, they were also concerned about the potential weak points in their special projects website, which was used for resource development and event coordination.

A leading global bank, operating in over 40 countries and serving over 38 million customers, was facing significant challenges in meeting key regulatory requirements such as the Monetary Authority of Singapore Technology Risk Management (MAS TRM), Reserve Bank of India (RBI) Guidelines, and Sarbanes-Oxley Act (SOX). The bank was using built-in auditing capabilities included with their databases to meet these requirements. However, these tools proved to be costly and unreliable, consuming 20% of their database processing power, requiring additional hardware and software purchases, and necessitating extra storage space for the massive volume of log data being collected. The bank also had to increase its IT headcount to manage the auditing system and run audit reports. The bank estimated that to make their in-house solution work effectively, it would cost them at least $100 million. Furthermore, the bank failed an audit due to their inability to produce consistent and repeatable audit reports that satisfied the different regulations.

The automotive retailer, operating hundreds of stores and websites, was facing a significant challenge with malicious bot traffic. Despite having multiple firewalls, appliances, and other mechanisms for blocking attacks, the company's nearly 100 web properties were frequently crashing due to bad bots attempting to scrape content. The bots were pulling an average of 8,000 pages per second for competitive data mining, causing the sites to crash frequently. The company was also struggling with managing blacklists and whitelists, which was proving to be an administrative nightmare. The situation was so severe that it was consuming the equivalent of one full-time employee (FTE). The company needed a solution that could intelligently block traffic, maintain the same service level from a performance standpoint, integrate seamlessly with their existing complex infrastructure, and work well with their existing monitoring tools.

A leading research university in the U.S. was seeking a robust security solution for their SharePoint system to protect it from both internal and external threats. The university, like many other higher education institutions, was focused on maintaining compliance with regulations such as FERPA, PCI, and HIPAA, and ensuring the security of their online presence. The Information Technology group at the university was responsible for securing the websites for the revenue-generating departments on campus. They used Microsoft SharePoint for their intranet portals and hosted public-facing websites for various services like student housing, campus parking, the university bookstore, dining programs, and more. These sites served as self-service commerce portals for its 30,000 undergraduate and graduate students, necessitating deeper security assurance and greater visibility into the SharePoint environment. The university wanted to better understand the SharePoint security posture of both its external and internal deployments. They found that native SharePoint lacked the necessary security capabilities to protect a web-facing deployment that housed sensitive data like financial information, personal health information (PHI), and personally identifiable information (PII).

AARP, an organization dedicated to improving the quality of life for people over 50, offers a range of products, services, and resources to its millions of members. Many of these services involve the use of personally identifiable information (PII), necessitating a robust security-in-depth cyber defense program to protect the data of AARP members, volunteers, and employees. AARP was in search of a runtime application self-protection (RASP) solution that could safeguard its Amazon Web Services (AWS)-hosted applications from attacks in its production environments. The organization had identified 31 Java applications for initial RASP implementation, but also needed a solution that could accommodate potential future transitions to a microservices-based architecture. Additionally, AARP required a RASP solution that would complement its existing security program, which includes vulnerability management, incident detection and response, and network defense.

Covelli Enterprises, the largest franchisee of Panera Breads and O’Charley’s restaurants, was facing a significant challenge with its web security. Despite maintaining a low online profile, the company's web servers were consistently targeted by IP addresses from foreign countries. These servers housed sensitive data, including web-based email accounts, company reports, and business intelligence. The potential exploitation of these servers could lead to consumers being lured with malicious web advertising. Covelli's initial solution, an IPS system, proved insufficient as there were numerous ways to bypass it. The company needed a more robust solution to block attacks from known malicious users, monitor web application traffic, block web page and malware injection, and prevent unauthorized access to specific web servers.

A leading online education services provider in the United States faced a significant challenge in protecting the Personally Identifiable Information (PII) of its students in non-production environments. These environments included application development, testing, and training, which required the use of student data. The challenge was to find a solution that could securely de-identify student information before sharing it for these purposes. The need for such a solution was driven not only by the priority of ensuring the security of student information but also by the need to comply with the Family Educational Rights and Protection Act (FERPA). The client was also under pressure to maintain the integrity of its brand and uphold a track record of secure student data. The ideal solution needed to be time and resource-efficient, support the complexity of their underlying data, and mask it intelligently so that the end result looks and acts like the original data. The client also sought a vendor with a strong consulting practice to leverage data masking experts and accelerate the project.

Banco Popular Dominicano (BPD), a leading privately owned bank in the Dominican Republic, was facing challenges with its complex database environments. The databases were on separate servers, shared and consolidated due to the high cost of infrastructure. The existing solution was not meeting the bank's needs as it required too much time and resources to operate, and lacked the capacity to scale to meet the high demands of the production environment. The bank needed a solution that would not negatively affect any production process and could run without the need for additional equipment and personnel.

Intuition Systems, a high-volume electronic payment processor, was faced with the challenge of meeting the new PCI requirement for Web Application protection. As a Level 1 Payment Card Industry Service Provider, they had the option to either install application layer firewall technology or go through a secure code vulnerability assessment process for each of their custom applications. At the time, six of their custom applications processed credit cards and were subject to PCI. They expected this number to grow to 10 or more within the year. The process of obtaining a code vulnerability assessment of each custom application would be time-consuming and expensive, and would restrain their ability to add applications and scale their business. Therefore, they decided that the secure code assessment option did not fit their business model. They needed a solution that was scalable, easy to implement and manage, and would not impact their applications and IT infrastructure.

Pelephone Communications Ltd., a leading communications company in Israel, was facing a significant challenge in managing and securing its vast amount of customer and financial data. The company's Chief Security Officer, Yoni Elias, was keen on ensuring that all sensitive data was accessible only on a business need-to-know basis. To enhance Pelephone’s security posture and meet compliance requirements, the company needed granular visibility into file and folder permissions, easy and automated data ownership identification, scheduled and on-demand access audit reports, and real-time policies to alert on data usage that violated standard corporate practices. However, their existing data governance system, particularly the reporting and alerting capabilities, had significant drawbacks that were driving operational costs higher.