Download PDF
Sauce Labs Enhances Web Application Security with Fastly’s Next-Gen WAF
Technology Category
- Cybersecurity & Privacy - Application Security
- Infrastructure as a Service (IaaS) - Hybrid Cloud
Applicable Industries
- National Security & Defense
- Telecommunications
Applicable Functions
- Quality Assurance
Use Cases
- Supply Chain Visibility
- Tamper Detection
Services
- Cloud Planning, Design & Implementation Services
- Testing & Certification
The Challenge
Sauce Labs, the world's largest continuous testing cloud for web and mobile applications, faced a significant challenge in protecting its web applications distributed across a hybrid cloud environment with different application stacks. The company's mission is to ensure that mobile applications and websites work flawlessly on every device, operating system, and browser, delivering an impeccable digital experience to users. However, the company was vulnerable to potential attack vectors, including click fraud and abuse of its free trial virtual machine offering. The Senior Director of Product Security, John Kennedy, was in search of a single technology that could defend against these threats and ensure the security of the company's web applications.
About The Customer
Sauce Labs is the world's largest continuous testing cloud for web and mobile applications. The company provides a platform for businesses to ensure that their mobile applications and websites work flawlessly on every device, operating system, and browser. This service allows businesses to deliver an impeccable digital experience to their users. Sauce Labs operates in a hybrid cloud environment with different application stacks. The company's business model includes offering free trials of its virtual machine service, which had been subject to abuse. The company's commitment to security is evident in its search for a comprehensive solution to protect its web applications from various threats.
The Solution
Sauce Labs adopted Fastly’s Next-Gen WAF, which provided intelligent blocking of web threats and visibility to identify unique application abuse. This solution allowed Sauce Labs to thwart these abuses using customizable rules. Fastly’s Next-Gen WAF provided unified visibility with clearer insights for applications running across different stacks and hybrid cloud environments. Despite having extensive logging in place for all its resources, Sauce Labs didn’t have the bandwidth to monitor logs for suspicious events. Fastly’s Next-Gen WAF applies descriptive signals to each request, enabling the team to see a real-time picture of what is going on. Furthermore, Sauce Labs was able to curb abuse of their virtual machine service by configuring a customizable rule to restrict access to specific pages based on geo-blocking.
Operational Impact
Related Case Studies.
Case Study
Vodafone Hosted On AWS
Vodafone found that traffic for the applications peak during the four-month period when the international cricket season is at its height in Australia. During the 2011/2012 cricket season, 700,000 consumers downloaded the Cricket Live Australia application. Vodafone needed to be able to meet customer demand, but didn’t want to invest in additional resources that would be underutilized during cricket’s off-season.
Case Study
SKT, Construction of Smart Office Environment
SK T-Tower is the headquarters of SK Telecom. Inside the building, different types of mobile devices, such as laptops, smartphones and tablets, are in use, and with the increase in WLAN traffic and the use of quality multimedia data, the volume of wireless data sees an explosive growth. Users want limitless Internet access in various places in addition to designated areas.
Case Study
Data Capture for Afghanistan Forces
Electronic equipments on the field of Afghanistan provided information on the status of the vehicle and to identify potential threats surrounding it to the British Force. The monitoring and interpretation of this data requires robust and sophisticated digitization for data capture and communication.