Imperva > Case Studies > Imperva's RASP Solution Enhances AARP's Cyber Defense Program

Imperva's RASP Solution Enhances AARP's Cyber Defense Program

Imperva Logo
Technology Category
  • Application Infrastructure & Middleware - Event-Driven Application
  • Cybersecurity & Privacy - Application Security
Applicable Industries
  • Buildings
  • National Security & Defense
Applicable Functions
  • Product Research & Development
  • Quality Assurance
Use Cases
  • Tamper Detection
  • Time Sensitive Networking
Services
  • Cybersecurity Services
  • Testing & Certification
About The Customer
AARP is an organization founded in 1958 with the mission to enhance the quality of life for people aged 50 and above. The organization offers a wide range of products, services, and resources to its millions of members, empowering them to lead active, healthy, and secure lives as they age. Many of these services involve the use of personally identifiable information (PII), making data security a top priority for the organization. To protect the data of its members, volunteers, and employees, AARP has developed a mature security-in-depth cyber defense program.
The Challenge
AARP, an organization dedicated to improving the quality of life for people over 50, offers a range of products, services, and resources to its millions of members. Many of these services involve the use of personally identifiable information (PII), necessitating a robust security-in-depth cyber defense program to protect the data of AARP members, volunteers, and employees. AARP was in search of a runtime application self-protection (RASP) solution that could safeguard its Amazon Web Services (AWS)-hosted applications from attacks in its production environments. The organization had identified 31 Java applications for initial RASP implementation, but also needed a solution that could accommodate potential future transitions to a microservices-based architecture. Additionally, AARP required a RASP solution that would complement its existing security program, which includes vulnerability management, incident detection and response, and network defense.
The Solution
AARP approached Prevoty, now part of Imperva, for a RASP solution. Imperva's RASP was identified as the most mature and technologically superior solution based on analyst reports and customer feedback. The solution was evaluated based on scalability, permanent patching & visibility, and broad integration capabilities. Imperva's RASP technology was found to be nimble enough to accommodate major application architectural changes, working in any type of deployment architecture, including on-premises, cloud, containers, and microservices. It also complemented AARP's existing security stack, filling security gaps that left applications vulnerable to attack at runtime. The RASP technology integrated seamlessly with AARP's existing environments like AWS and automated workflows. After a successful proof-of-value process, AARP adopted RASP and integrated it into its existing application deployment process using an open-source application deployment automation platform.
Operational Impact
  • With the implementation of Imperva's RASP technology, AARP was able to push its AWS-hosted applications to production faster and at scale, with enhanced security. The most immediate impact of RASP was on AARP's vulnerability management service level agreements (SLAs). The immediate, permanent protection offered by RASP made AARP's backlog of vulnerabilities less critical, allowing development teams more time to fix vulnerabilities on their own schedule. This also freed up more time for the development of features that solve problems, deliver services to customers, and drive business. Additionally, RASP technology provided AARP with increased visibility into application attacks, events, and risks, feeding context-enriched perspectives from inside their applications into a SIEM to deliver better, smarter, actionable intelligence.

Case Study missing?

Start adding your own!

Register with your work email and create a new case study profile for your business.

Add New Record

Related Case Studies.

Contact us

Let's talk!
* Required
* Required
* Required
* Invalid email address
By submitting this form, you agree that IoT ONE may contact you with insights and marketing messaging.
No thanks, I don't want to receive any marketing emails from IoT ONE.
Submit

Thank you for your message!
We will contact you soon.