Enhancing Customer Application Security: A Case Study
BG Unified Solutions Pty. Ltd. is an Australian hosting services and solutions provider
that helps clients plan, build, and manage their IT. Founded in 2014, they provide
international IT services, including infrastructure architecture, network optimization and
disaster recovery, to leading companies around the world.
As part of these services, BG Unified also provides managed security services to help
organizations safeguard sensitive data, keep PII secure and stay in compliance with
stringent government regulations.
Several of BG Unified’s customers experienced website performance issues where
firewalls couldn’t provide sufficient protection. To provide its customers with the highest
level of security, BG Unified began to evaluate the marketplace for effective web
application security and bot management solutions.
[You may also like: 5 Things to Consider When Choosing a Bot Management Solution]
As part of its evaluation of a cloud web application security solution, BG Unified decided to use a production environment and persuaded a long-term customer to participate in the proof of concept.
The customer provided online educational services and needed to ensure that it could protect customer PII. The Australian government enforces strict data privacy regulations. Besides loss of reputation, noncompliance can lead to penalties costing more than 4 million AUD. To keep their business and reputation in good standing, the customer trusts BG Unified to support their inbound and outbound infrastructure and to recommend best security practices to remain compliant.
BG Unified selected several web application protection vendors, including Radware, to participate in the proof of concept. The local Radware engineer delivered real-time support to resolve issues during testing, since the Radware Emergency Response Team was in a different time zone. Testing showed that Radware’s Cloud WAF Service provided key differentiators from the competition, including superior network visibility, customized reporting and a user-friendly portal.
As the educational services customer tested Radware’s Cloud WAF Service to protect its website, BG Unified noticed blocked IP addresses in the customer’s website logs and saw a corresponding decrease in website performance, negatively impacting the user experience. There was increased activity on the website but no corresponding increase in orders, evidence that the website was experiencing bot attacks. Although the Cloud WAF Service could protect against application vulnerability exploits, such as SQL injections and cross-site scripting, it couldn’t defend against sophisticated bots that mimic human behavior.
The average number of transactions dropped from 250 orders per hour to 100 orders per day. With an average order of 50 AUD, the customer was losing over 95,000 AUD per day due to payment bot attacks.
[You may also like: Bot Manager vs. WAF: Why You Actually Need Both]
To prevent future revenue and data loss, the customer installed Radware Bot Manager. After activating Bot Manager, the customer saw a 79% decrease in website bot activity and an 80% decrease in payment section bot hits.
Radware’s integrated Cloud WAF Service and Bot Manager solved the customer’s application and data security issues by protecting against application vulnerability exploitations, automatically identifying and blocking malicious bots and protecting sensitive data. The customer was able to remain compliant, provide a quality website user experience and process orders.
Read Radware’s “The Big Bad Bot Report” to learn more.
*** This is a Security Bloggers Network syndicated blog from Radware Blog authored by Radware. Read the original post at: https://blog.radware.com/security/applicationsecurity/2021/01/enhancing-customer-application-security-a-case-study/