下载PDF
360° Web Application Security Achieved by IT Services Company with Imperva SecureSphere Virtual Appliances
技术
- 应用基础设施与中间件 - 事件驱动型应用
- 网络安全和隐私 - 应用安全
适用行业
- 水泥
- 国家安全与国防
适用功能
- 产品研发
用例
- 库存管理
- 篡改检测
服务
- 网络安全服务
- 系统集成
挑战
一家财富 500 强 IT 服务和商业软件公司拥有超过 20,000 名员工,为其自己的金融应用程序和第三方 Web 应用程序提供数据中心托管服务。其中许多应用程序面向互联网,并受《萨班斯-奥克斯利法案》和《格雷姆-里奇-比利雷法案》监管,要求公司保护敏感数据。由于其应用程序的动态性和高度定制性,该公司在维护安全方面面临挑战。每次更改后持续扫描应用程序非常繁重,并且需要应用程序开发人员和安全工程师之间进行大量协调。该公司需要一种不会影响发布计划、提供即时漏洞修复并无缝集成到其虚拟化环境中的解决方案。
关于客户
该客户是一家财富 500 强 IT 服务和商业软件公司,拥有 20,000 多名员工。他们为自己的金融应用程序和第三方 Web 应用程序提供数据中心托管服务。其中许多应用程序都是面向互联网的,并受到《萨班斯-奥克斯利法案》和《格雷姆-里奇-比利雷法案》的监管。该公司拥有高度虚拟化的环境,Web 应用程序、数据库和负载平衡器均迁移至 VMware。他们还维护一个远程灾难恢复站点,镜像其主站点的基础设施。
解决方案
该公司实施了 Imperva SecureSphere 虚拟设备,这是一种针对其企业数据中心和灾难恢复站点提供精细安全策略的全面保护解决方案。选择 SecureSphere Web 应用程序防火墙是因为其准确的 Web 应用程序保护、在虚拟化环境中轻松部署、精细的安全策略、详细的警报和报告以及虚拟修补功能。该解决方案能够阻止所有应用程序攻击,而不会阻止合法流量。它还提供了全面的警报,其中包含完整的 HTTP 请求,并清楚地识别请求的哪一部分违反了安全策略。 SecureSphere 还能够与公司现有的 IBM AppScan 和 HP Webinspect 工具集成,以虚拟方式修补应用程序漏洞,从而使公司能够针对已知易受攻击的应用程序元素实施更严格的安全规则。
运营影响
数量效益
相关案例.
Case Study
System 800xA at Indian Cement Plants
Chettinad Cement recognized that further efficiencies could be achieved in its cement manufacturing process. It looked to investing in comprehensive operational and control technologies to manage and derive productivity and energy efficiency gains from the assets on Line 2, their second plant in India.
Case Study
Data Capture for Afghanistan Forces
Electronic equipments on the field of Afghanistan provided information on the status of the vehicle and to identify potential threats surrounding it to the British Force. The monitoring and interpretation of this data requires robust and sophisticated digitization for data capture and communication.
Case Study
Digital Transformation of Atlanta Grout & Tile: An IoT Case Study
Atlanta Grout & Tile, a Tile, Stone & Grout restoration company based in Woodstock, Georgia, was facing challenges with its traditional business model. Despite steady growth over the years, the company was falling behind the web revolution and missing out on the opportunity to tap into a new consumer base. They were using independent software from different vendors for each of their department information and workforce management. This resulted in a lot of manual work on excel and the need to export/import data between different systems. This not only increased overhead costs but also slowed down their response to clients. The company also had to prepare numerous reports manually and lacked access to customer trends for effective business decision-making.
Case Study
Major Aerospace Company Automates Asset Management
The O&M division of an aerospace and global security company was using spreadsheets to manually track more than 3,000 assets assigned to students and staff. Maintaining audit trails for this high volume of equipment became increasingly time-consuming and challenging. The chore involved knowing precisely what equipment was on hand, what had been issued, its location and the name of the custodial owner of each item. Every aspect of this task was carried owner of each item. Every aspect of this task was carried out by individuals with spreadsheets. Manually documenting the full lifecycle of each asset added to the burden. This included tracking maintenance requirements and records, incidents and damages, repairs, calibrations, depreciation, and end-of-life data.
Case Study
Revolutionizing Construction Equipment Rental: A Case Study on ProsRent and ENO8
ProsRent, a startup that won the 'Best Financial Opportunity' and 'Best Pitch' at CodeLaunch 2016, aimed to revolutionize the way construction professionals source and rent heavy equipment. In the construction industry, project managers and contractors typically rent heavy equipment from supply companies. However, predicting inventory can be challenging, and finding the required equipment at the right time and place can be a hassle. If the preferred vendor doesn't have the required equipment, it results in wasted time and money in searching for it, often leading to higher costs due to non-preferred rates and increased delivery costs if the vendor is located far from the job site. Suppliers, on the other hand, desired access to a wider base of trusted renters that they didn't have to vet themselves and wanted to offer dynamic rental pricing based on demand and availability in their market. ProsRent's challenge was to produce a minimum viable product that was fast and first to market but also strong enough to engender loyalty and repeat business from the target market.