Download PDF
DigiCert Enhances AWS Environment Security with Imperva
Technology Category
- Application Infrastructure & Middleware - Event-Driven Application
- Cybersecurity & Privacy - Application Security
Applicable Industries
- Glass
- National Security & Defense
Applicable Functions
- Maintenance
Use Cases
- Tamper Detection
- Traffic Monitoring
Services
- Cloud Planning, Design & Implementation Services
The Challenge
DigiCert, a leading provider of scalable identity and encryption solutions, was already using Imperva’s SaaS Web Application Firewall (WAF) to protect their on-premises applications when they began migrating some of their workloads to Amazon Web Services (AWS). However, they were not satisfied with their existing DDoS mitigation solution on AWS, as it excessively scrubbed traffic and often blocked legitimate traffic. As DigiCert's usage of AWS grew, they realized the need for a new security solution that could manage risk, monitor all traffic, rapidly identify threats, and only allow valid traffic to access their applications. They wanted a solution from a single provider that could deliver both WAF protection and DDoS mitigation across their entire hybrid environment. The solution also needed to lower false positives, assure rapid response to minimize potential business interruption, and automate as much of the security process as possible due to time and resource constraints.
The Customer
DigiCert
About The Customer
DigiCert is a leading provider of scalable identity and encryption solutions for the enterprise. They secure the world's most sensitive data across software, devices, and websites. DigiCert is committed to providing the best security solutions for their customers, and as such, they are constantly under attack. They have a hybrid model, with some workloads on-premises and some on AWS. They were looking for a comprehensive security solution that could protect their entire environment, reduce false positives, assure rapid response, and automate as much of the security process as possible.
The Solution
DigiCert implemented Imperva to protect their hybrid environment. They expanded their usage of Imperva’s WAF, which they were already using on-premises, to extend protection to AWS and maintain their security posture both during and after migration. Imperva’s sophisticated threat detection technology, advanced client classification technology, crowdsourcing, and IP reputation data automatically analyze traffic to identify and block web application attacks. These include SQL injection, cross-site scripting, illegal resource access, comment spam, site scraping, malicious bots, and other top threats. Granular filters and controls reduce false positives and prevent access from unwanted visitors, while IP address shielding hides the web server’s IP address. Imperva has protected DigiCert’s AWS workloads for the entire time they have been running on the cloud, improving visibility into their application environment, both on-premises and on AWS, and continuously monitoring behavior and sending automated alerts when suspicious activity is discovered.
Operational Impact
Quantitative Benefit
Related Case Studies.
Case Study
Data Capture for Afghanistan Forces
Electronic equipments on the field of Afghanistan provided information on the status of the vehicle and to identify potential threats surrounding it to the British Force. The monitoring and interpretation of this data requires robust and sophisticated digitization for data capture and communication.
Case Study
Discrete Manufacturing Industries (Fiberglass Pipe)
The implementation of ERP software in a Discrete Manufacturing organization needs to be strategic, irrespective of its size and capacity. The client had already implemented an ERP system which fulfilled their requirements but was not efficient enough. Efficiency here meant Synchronized Planning, Updating and Multisite Planning. Planning at client’s place was done outside the ERP system. Lack of proper synchronization to the ERP system paved way to huge delays in the changes getting updated in the system. These delays caused disruption in achieving delivery schedules. Multisite Planning is a solution to an organization which has multiple production units (may or may not be geographically separated) and thus needs planning across these units to synchronize production activities within them. The client also has multiple factories and hence Production Planning control is very essential in their case. Since Multisite planning was not possible with Baan ERP system, this was another bottleneck for the client.
Case Study
Major Aerospace Company Automates Asset Management
The O&M division of an aerospace and global security company was using spreadsheets to manually track more than 3,000 assets assigned to students and staff. Maintaining audit trails for this high volume of equipment became increasingly time-consuming and challenging. The chore involved knowing precisely what equipment was on hand, what had been issued, its location and the name of the custodial owner of each item. Every aspect of this task was carried owner of each item. Every aspect of this task was carried out by individuals with spreadsheets. Manually documenting the full lifecycle of each asset added to the burden. This included tracking maintenance requirements and records, incidents and damages, repairs, calibrations, depreciation, and end-of-life data.
Case Study
Securing a Large Data Center in the EMEA Region: An IoT Case Study
A leading data-center operator in the EMEA region, with multiple facilities spanning over 25,000 square meters, faced significant security challenges. The operator experienced interruptions in their internal IT network due to unsupervised work of third-party technicians. Despite having a high-end building control system that provided 24x7 monitoring and control to all the building’s infrastructure, the data center was vulnerable from a cyber perspective as it was connected to the IT network infrastructure. The operator launched an urgent OT cyber security project that included both IT-OT network segmentation and OT network asset mapping and anomaly detection. The main objectives were to harden the security of the server systems, secure the facility’s power supply and server cooling system, strengthen the segmentation between building and operational systems, create a visual OT network map, and set up a system for presenting supply-chain attacks that may threaten the data center through equipment vendors’ maintenance activities.
Case Study
Enhancing Security Precision with IoT: A Case Study of Guardsman Group
Guardsman Group, a leading security company in the Caribbean, faced a significant challenge in maintaining the security of its digital infrastructure. The company provides security equipment, personnel, and systems for various businesses across the region. However, one of its offices experienced a security incident that affected all communications at that location. The existing security tools were not sufficient to provide the necessary protection, and it took hours to identify the source of the issue. This incident highlighted the need for a dynamic solution that could proactively identify threats. The company's primary concern was any disruption to its business, as it manages a significant portion of Jamaica's money and cannot afford for its operations to go down.
Case Study
Asia Airfreight Terminal Enhances Operational Efficiency with CommScope's RUCKUS Solutions
Asia Airfreight Terminal (AAT), a leading cargo handling company based out of Hong Kong International Airport, was facing challenges with its Wi-Fi network, which was critical for the functioning of its automated Material Handling System (MHS) within the warehouse. Any interference or lost signals could directly impact their operational efficiency. AAT also had separate networks for their office and CCTV cameras, which made the job of their data center challenging. The company was in search of a Wi-Fi network configuration that could streamline their networks and reduce its network management workload. AAT was already running on equipment from a competing vendor, and the new solution needed to prove its worth in scalability and reliability.