Download PDF
DigiCert Enhances AWS Environment Security with Imperva
Technology Category
- Application Infrastructure & Middleware - Event-Driven Application
- Cybersecurity & Privacy - Application Security
Applicable Industries
- Glass
- National Security & Defense
Applicable Functions
- Maintenance
Use Cases
- Tamper Detection
- Traffic Monitoring
Services
- Cloud Planning, Design & Implementation Services
The Challenge
DigiCert, a provider of scalable TLS/SSL and PKI solutions, was already using Imperva’s SaaS Web Application Firewall (WAF) to protect their on-premises applications when they began migrating some of their workloads to Amazon Web Services (AWS). However, they were using another vendor for DDoS mitigation on AWS, which they found unsatisfactory due to excessive scrubbing of traffic and blocking of legitimate traffic. As DigiCert's usage of AWS grew, they realized the need for a new security solution that could manage risk, monitor all traffic, rapidly identify threats, and only allow valid traffic to access their applications. They wanted a solution from a single provider that could deliver both WAF protection and DDoS mitigation across their entire hybrid environment. The solution also needed to lower false positives, assure rapid response to minimize potential business interruption, and automate as much of the security process as possible due to time and resource constraints.
About The Customer
DigiCert is a provider of scalable TLS/SSL and PKI solutions for identity and encryption. The company is chosen by nearly 90 percent of Fortune 500 companies, and 97 of the 100 largest global banks, for its identity and encryption services for web servers and Internet of Things devices. DigiCert supports TLS/SSL and other digital certificates for PKI deployments at any scale through its certificate lifecycle management platform, CertCentral®. The company is recognized for its enterprise-grade certificate management platform, fast and knowledgeable customer support, and security solutions. DigiCert has over 1200 employees and is headquartered in Lehi, Utah, USA with 12+ worldwide locations.
The Solution
DigiCert implemented Imperva to protect their hybrid environment. They expanded their usage of Imperva’s WAF, which they were already using on-premises, to extend protection to AWS and maintain their security posture both during and after migration. Imperva’s threat detection technology, advanced client classification technology, crowdsourcing, and IP reputation data automatically analyze traffic to identify and block web application attacks. Granular filters and controls reduce false positives and prevent access from unwanted visitors, while IP address shielding hides the web server’s IP address. Imperva has protected DigiCert’s AWS workloads for the entire time they have been running on the cloud. The solution has improved visibility into their application environment, both on-premises and on AWS, and is continuously monitoring behavior and sending automated alerts when suspicious activity is discovered. The versatility of Imperva’s solution provides fully integrated protection for DigiCert’s hybrid application workloads and allows them to manage their security efforts from a single pane of glass.
Operational Impact
Quantitative Benefit
Related Case Studies.
Case Study
Data Capture for Afghanistan Forces
Electronic equipments on the field of Afghanistan provided information on the status of the vehicle and to identify potential threats surrounding it to the British Force. The monitoring and interpretation of this data requires robust and sophisticated digitization for data capture and communication.
Case Study
Discrete Manufacturing Industries (Fiberglass Pipe)
The implementation of ERP software in a Discrete Manufacturing organization needs to be strategic, irrespective of its size and capacity. The client had already implemented an ERP system which fulfilled their requirements but was not efficient enough. Efficiency here meant Synchronized Planning, Updating and Multisite Planning. Planning at client’s place was done outside the ERP system. Lack of proper synchronization to the ERP system paved way to huge delays in the changes getting updated in the system. These delays caused disruption in achieving delivery schedules. Multisite Planning is a solution to an organization which has multiple production units (may or may not be geographically separated) and thus needs planning across these units to synchronize production activities within them. The client also has multiple factories and hence Production Planning control is very essential in their case. Since Multisite planning was not possible with Baan ERP system, this was another bottleneck for the client.
Case Study
Major Aerospace Company Automates Asset Management
The O&M division of an aerospace and global security company was using spreadsheets to manually track more than 3,000 assets assigned to students and staff. Maintaining audit trails for this high volume of equipment became increasingly time-consuming and challenging. The chore involved knowing precisely what equipment was on hand, what had been issued, its location and the name of the custodial owner of each item. Every aspect of this task was carried owner of each item. Every aspect of this task was carried out by individuals with spreadsheets. Manually documenting the full lifecycle of each asset added to the burden. This included tracking maintenance requirements and records, incidents and damages, repairs, calibrations, depreciation, and end-of-life data.
Case Study
Securing a Large Data Center in the EMEA Region: An IoT Case Study
A leading data-center operator in the EMEA region, with multiple facilities spanning over 25,000 square meters, faced significant security challenges. The operator experienced interruptions in their internal IT network due to unsupervised work of third-party technicians. Despite having a high-end building control system that provided 24x7 monitoring and control to all the building’s infrastructure, the data center was vulnerable from a cyber perspective as it was connected to the IT network infrastructure. The operator launched an urgent OT cyber security project that included both IT-OT network segmentation and OT network asset mapping and anomaly detection. The main objectives were to harden the security of the server systems, secure the facility’s power supply and server cooling system, strengthen the segmentation between building and operational systems, create a visual OT network map, and set up a system for presenting supply-chain attacks that may threaten the data center through equipment vendors’ maintenance activities.
Case Study
Enhancing Security Precision with IoT: A Case Study of Guardsman Group
Guardsman Group, a leading security company in the Caribbean, faced a significant challenge in maintaining the security of its digital infrastructure. The company provides security equipment, personnel, and systems for various businesses across the region. However, one of its offices experienced a security incident that affected all communications at that location. The existing security tools were not sufficient to provide the necessary protection, and it took hours to identify the source of the issue. This incident highlighted the need for a dynamic solution that could proactively identify threats. The company's primary concern was any disruption to its business, as it manages a significant portion of Jamaica's money and cannot afford for its operations to go down.
Case Study
Asia Airfreight Terminal Enhances Operational Efficiency with CommScope's RUCKUS Solutions
Asia Airfreight Terminal (AAT), a leading cargo handling company based out of Hong Kong International Airport, was facing challenges with its Wi-Fi network, which was critical for the functioning of its automated Material Handling System (MHS) within the warehouse. Any interference or lost signals could directly impact their operational efficiency. AAT also had separate networks for their office and CCTV cameras, which made the job of their data center challenging. The company was in search of a Wi-Fi network configuration that could streamline their networks and reduce its network management workload. AAT was already running on equipment from a competing vendor, and the new solution needed to prove its worth in scalability and reliability.