Finn AI, a provider of AI-powered virtual assistance for banks and credit unions, faced a significant challenge in securing their business-critical APIs. The company, which uses natural language processing technology (NLP) to enable conversational AI technology for financial institutions, needed a solution that would provide visibility into API discovery attempts by malicious threat actors and the ability to stop unusual activity against these APIs. Despite having a relatively small attack surface due to the absence of a client-side frontend, Finn AI's APIs still required effective protection. The company sought a solution that would install easily, scale effectively, be light on resources, and provide protection against OWASP Top 10 and zero-day exploit attempts.

amazee.io, an open-source application delivery solution provider, was facing challenges in maintaining the seamless operation of its ZeroOps platform. The company's customer base was expanding, and with it, the need for more robust security measures and certificate management. High-profile customers were using the Lagoon platform for business-critical applications, which necessitated stringent security demands. The company was also dealing with issues of false positives and alert fatigue, which were frequent irritants. Traditional Web Application Firewalls (WAFs) were proving to be inadequate, often blocking legitimate traffic or requiring constant tuning and re-tuning. Furthermore, one of amazee.io's major customers had an active bug bounty, which led to constant scanning of the site and required a significant upscaling of the customer's database cluster to handle the load.

DeNA, a Japanese corporation specializing in digital portals, mobile games, and e-commerce platforms, was facing significant challenges with its legacy Web Application Firewall (WAF). The legacy WAF was not only expensive to operate but also had high response times, particularly during traffic spikes. This was a significant issue as DeNA was expanding its offerings and needed to scale its web security posture accordingly. The legacy WAF's admin portal loaded slowly during traffic spikes, preventing the team from addressing issues promptly. Moreover, it was impossible for the DeNA team to reroute customer page requests if their WAF was not performing correctly. The performance issues, coupled with the high cost of scaling hardware investments, made it clear that DeNA needed a new, more efficient solution.

RVU, a leading tech company in the UK, owns several market comparison sites and apps. The company has grown through strategic acquisitions, which has led to inconsistencies in tech stacks as each acquired business comes with its own back-end architecture, integrations, and more. This inconsistency posed a challenge to RVU as it sought to provide a secure, single layer of consistency across all its brands. Furthermore, as users have grown increasingly reliant on price-comparison tools, their expectations around security and privacy have also increased. RVU needed a solution that would not only standardize operations across all brands but also fortify all of its brands equally in terms of security and privacy.

SeenThis, a Stockholm-based ad streaming company, was facing a series of challenges. The company, which works with 80 of the top 100 advertisers in over 40 countries, was dealing with an average of 40 billion requests per month from over 1,000 customers. Their proprietary adaptive streaming technology was designed to remove the limitations of conventional ad serving technology, but they were struggling with their existing first-generation CDN, which couldn't provide the necessary configuration for delivering custom content based on different variables. Additionally, their previous logging and monitoring system, which utilized open-source tools like nginx and RabbitMQ on AWS, was becoming slow and unreliable, making it difficult to manage the increasing number of requests. Furthermore, as environmental concerns became more pressing, SeenThis needed more detailed reporting capabilities to evidence their unique mix of performance and sustainability.

Shoptimize, a pioneer of AI solutions for direct-to-consumer (D2C) retail platforms, was facing challenges in scaling its services. The company needed to provide a seamless online experience for its users, regardless of whether there were 5,000 or 5 million users online. The company was also looking for a next-generation Web Application Firewall (WAF) solution that could offer performance and PCI-DSS compliance at scale. Their previous WAF providers were not able to meet the caching challenge and were too expensive for effective customer onboarding. Shoptimize needed a solution that could offer predictable costs, scale as needed, and integrate with their existing tech stack. They also required a low-latency WAF to block spam traffic and bad bots without slowing down or blocking desirable traffic.

Litium, a scalable ecommerce platform, was seeking to enhance its customer package by adding a Content Delivery Network (CDN). The company's goal was to provide its B2B and B2C clients with a fast, flexible, and scalable sales platform that could support their growth. However, the legacy CDN providers were not a good fit for Litium's needs as they were cumbersome and time-consuming to manage and service. Furthermore, Litium's customers, who are based around the world, needed a solution that could maintain backend operations in Europe while allowing sales in the US and other parts of the world without any degradation in response time.

One Medical, a membership-based primary care practice, was faced with the challenge of securing customer data in line with their cloud-first strategy. The healthcare industry is particularly vulnerable to identity theft, and organizations like One Medical have to manage a multitude of electronic medical records. The company takes the security and confidentiality of their customers’ Personally Identifiable Information (PII) seriously, adhering to industry best practices in software development, testing, and internal and external security practices. However, they needed a security solution that could scale with their cloud-first strategy, improve their overall security posture, and remain compliant with HIPAA. They also faced issues with false positives in their environment, which could potentially block doctors from performing critical functions such as submitting prescriptions. Other solutions they evaluated were difficult to deploy into their cloud-first technology stack and caused false positives.

LaunchDarkly, a feature management platform, was facing challenges in the fast-paced software development lifecycle. The company needed to balance the competing needs of speed and security. Speed was essential to improve products and keep users engaged, while security was necessary to ensure deployments did not cause disruptions or drive users to competitor apps. The company also needed to ensure that features could be rolled out without friction, or they risked their product's position in the app store rating. Additionally, LaunchDarkly required a solution to protect user experience in case of a disaster, without having to roll back code.

Brandfolder, a digital asset management platform, was facing challenges with its content dissemination feature, the Smart CDN. The company was initially performing eager image transformations, which involved creating different renditions of an image as soon as it was ingested. While this approach could potentially speed up request response times, it significantly increased the ingest time, causing delays for customers. Another challenge was the process of adding watermarks to images. Each image was individually watermarked by Brandfolder and stored until it needed to be served. This process was not only time-consuming but also increased storage costs. Furthermore, the company was looking to update their thumbnailing process, which involved generating thumbnails for all assets in their system. The existing process was creating bottlenecks and hindering scalability.

Storytel, a global leader in audiobooks, was faced with a significant challenge when developing their new homepage. The original homepage was built on an outdated tech stack, which was not conducive to the high-performing, optimized experience they aimed to provide their customers. The company wanted to leverage stale-while-revalidate cache control to ensure lightning-fast load times. However, during testing, they discovered that the page load times were over a second, which was unacceptable for a project of such high profile. The issue was traced back to their existing Content Delivery Network (CDN), which did not support the caching strategy they had designed. The CDN did not trigger the stale-while-revalidate process with every request, resulting in slow page loads. The vendor had no plans to change how this directive works, leaving Storytel in a precarious situation on the eve of a global rollout.

The Endless OS Foundation, a social welfare nonprofit, has been working to bridge the digital divide by increasing access to affordable devices and building software that reduces the need for high-speed connectivity. However, the COVID-19 pandemic exacerbated the digital divide, causing a surge in demand for online educational content. As a result, the Foundation saw an increase in downloads and updates, leading to a spike in egress costs. Their existing content delivery network (CDN) was unable to provide efficient solutions, and they were experiencing CDN dead zones in regions like Southeast Asia, Central, and South America, where they have a significant number of users. The quality of their service was inconsistent, and costs were continually increasing.

Filestack, a low code content API platform, was facing challenges in scaling their rapidly growing file management service. They were in need of a Content Delivery Network (CDN) that could support their expanding services in a reliable, cost-effective, and fast manner. Their service involved image transformation, which resulted in multiple versions of the same file, and they needed a way to invalidate these versions quickly. They also required customization at the edge, a large number of powerful and strategically located Points of Presence (POPs), and the ability to handle large file sizes. Additionally, Filestack was struggling with the management of Transport Layer Security (TLS) certificates, a task that was distracting their team from product development. They were also considering dropping a premium feature, CNAME, due to the burden of managing a certificate and private key for each customer.

Maritz, a holding company providing a range of services to Fortune 500 companies, faced a significant challenge in enhancing its security posture to support PCI DSS requirement 6.6. Several of its business units accept credit card information, necessitating annual reporting on PCI DSS compliance. The company decided to implement a web application firewall as an additional layer of security for its PCI environment. However, with numerous business units and applications, each with different technology stacks, Maritz needed a single product that could be deployed across all current and future hosting environments, whether physical or virtual, on-premises or cloud-based. The company had previously used an open-source solution that required extensive manual effort to operate, so they were looking for a solution that offered ease of use, automated blocking, and simple deployment.

Atresmedia, a leading communication group in Spain, has been expanding its streaming package since its launch, which is a key line of business for the company. The company has turned to live streaming for broadcasting important events, such as sports finals or elections, which have high ratings. Users expect an experience similar to that of broadcast television, with no delays and zero latency. To cater to the increased traffic levels generated by live events, it was crucial for Atresmedia to prepare its entire infrastructure and partner with a CDN to support it, ensuring zero downtime, even if they experienced a tremendous spike in the number of users. The main challenges of live streaming that Atresmedia wanted to address were avoiding latency, improving the quality of the user experience, offering a reliable and scalable architecture that is able to absorb large and unpredictable traffic spikes, reducing the costs associated with live streaming, and having greater control in order to make autonomous, quick changes through API or UI.

Bell Media, Canada's leading content creation company, was facing a significant challenge in managing traffic spikes and maintaining the quality of their content delivery. The company delivers media to over 22 million customer connections within more than 8 million Canadian households. As their customer base continued to expand, they began to experience very high traffic spikes for video delivery. These traffic spikes posed a risk of causing slowdowns and server failures, which could compromise the quality of the content delivered to Bell Media customers. The video delivery pipeline team, responsible for sourcing, transcoding, and delivering content to all Canadians, needed a solution that could handle their growing capacity needs and ensure a flawless experience for customers under any circumstances.

Magnolia, a leading Digital Experience Platform (DXP) provider, faced a significant challenge in meeting the evolving needs of its enterprise customers. For over 20 years, Magnolia had been providing its application for customers to host on-premises and later as a managed service in the cloud. However, customers increasingly demanded a platform that simplified infrastructure deployments and experience delivery, including an embedded Content Delivery Network (CDN) to handle domain certificates, DDoS mitigation, scaling, stability, caching, and Web Application Firewalls (WAFs). The challenge was to find a CDN vendor that could meet these demands and integrate seamlessly with Magnolia's service model. The CDN needed to be API-first for easy integrations and configurations, handle 100 terabytes (TB) of traffic per month, and complement Magnolia's business model. Additionally, Magnolia aimed to provide a Web Application Firewall (WAF) that would satisfy an increasingly security-conscious clientele, particularly in sectors like banking and finance.

Blackpepper, a leading e-commerce services provider based in Auckland, New Zealand, faced a significant challenge during the 2020 pandemic lockdown. The firm experienced an exponential increase in traffic, with volumes surging by up to 400 times from the previous year. This sudden surge posed a risk to their operational excellence, and the firm needed to find a way to handle the increased traffic sustainably. Additionally, Blackpepper was also grappling with a wave of denial of service (DDoS) attacks targeting Australia and New Zealand, necessitating a bolstered security posture. At the time, Blackpepper's operations relied on an on-premise data centre and a range of in-house developed applications and tools, including a bespoke Web Application Firewall (WAF). They were also using an external content delivery network (CDN) to serve videos and images to each website. However, their existing vendor was unable to meet the demand for a CDN that delivered everything for their customers' websites, not just visuals.

Gannett, the largest news publisher in the U.S., faced a significant challenge in maintaining its competitive edge in the fast-paced world of digital news publishing. The company's previous content delivery solution relied on a time-to-live-based method for purging content, which resulted in a delay of 45 to 90 seconds before a piece of content could go live. This delay was a significant disadvantage in an industry where being the first to publish a story can significantly impact future traffic to a site. Additionally, Gannett's previous solution did not provide the granular control and visibility needed to handle large traffic spikes effectively. The company also faced challenges in deploying configuration changes, which required a minimum of 60 minutes and often involved going through their previous provider. This process was inefficient and limited the ability of Gannett's developers to make changes quickly and independently.

Nine, Australia’s largest locally owned media company, faced significant challenges in the fast-paced media industry. With a diverse set of technological needs and engineering challenges, Nine needed to ensure time-sensitive media delivery to over 12 million readers across its platforms. The speed of media delivery directly impacts audience reach, conversion, and ad revenue. Therefore, Nine needed to ensure up-to-date content delivery, requiring a powerful, programmable, secure Content Delivery Network (CDN) and innovative IT partnerships. The company also faced a 50% spike in users and subscribers since the start of 2020, necessitating the ability to scale at pace. Furthermore, Nine recognized the need for a modern approach to CDN, with access to source code management for agile publishing and rapid change cycles.

OFX, an international financial transfer platform based in Sydney, Australia, processes over $22 billion annually through its web application. After a three-year migration to the cloud, OFX sought to increase visibility and protection against Open Web Application Security Project (OWASP) attacks and authentication abuse in its cloud-first microservices infrastructure. Partners interact with the OFX platform via APIs that communicate with internal microservices. Richard Lane, Head of Digital Security at OFX, wanted to ensure that their microservices weren't implicitly trusting others and sought a product that would provide visibility. He was looking for a solution that was easy to install, use, and could effectively block malicious traffic automatically, including logins, without causing production incidents.

Duo, a leading cybersecurity company, was seeking to enhance the security visibility of its authentication platform and websites without introducing additional security or operational risks. The company's platform supports billions of authentication requests globally every week, and it was crucial to secure this traffic without negatively impacting the user experience or introducing additional security risks. Duo's previous experiences with hardware and cloud Web Application Firewalls (WAFs) had introduced single points of failure and had difficulties integrating into the path of traffic, prompting the need for an alternative approach.

Sauce Labs, the world's largest continuous testing cloud for web and mobile applications, faced a significant challenge in protecting its web applications distributed across a hybrid cloud environment with different application stacks. The company's mission is to ensure that mobile applications and websites work flawlessly on every device, operating system, and browser, delivering an impeccable digital experience to users. However, the company was vulnerable to potential attack vectors, including click fraud and abuse of its free trial virtual machine offering. The Senior Director of Product Security, John Kennedy, was in search of a single technology that could defend against these threats and ensure the security of the company's web applications.

Pronovias Group, a global business group that designs, manufactures, and sells wedding dresses and evening gowns, faced a unique challenge. The company operates six brands, each with its own online portal. Unlike traditional e-commerce portals, these websites serve as a gateway for customer relationships and as a booking point for in-person appointments, linking the online experience with the in-store experience. The challenge was to optimize these experiences and bring them on par with the personalized and exclusive service offered in-store. The online stores required fast and frictionless loading in users’ web browsers. Pronovias Group was looking for a universal solution for all of its brands that would facilitate the daily management of their online presence while allowing them to handle traffic without losing connectivity from anywhere in the world. It was also essential to protect the websites and distinguish between different types of requests to rule out all kinds of attacks.

Cybrary, a growing community that brings together people, companies, and training to revolutionize the cyber security educational experience, was facing a significant challenge. Their legacy web application firewall (WAF) was failing to provide complete attack coverage and usability across its APIs and web properties. With a wide range of pages and training content to protect, Cybrary’s two-person infrastructure team was struggling with issues that their legacy WAF could not address. The legacy WAF was proving extremely difficult to configure and debug without investing significant time and resources. It also provided incomplete attack coverage and blocked valid requests, with no real-time visibility, alerting, or a functional dashboard to monitor activity over time. As security experts, Cybrary needed to maintain their brand identity and ensure their security practice was cutting-edge.

Split, a global provider of a feature delivery and experimentation platform, was seeking a scalable and reliable edge cloud network to deliver feature flags to its customers. The company's customers use these feature flags to introduce and roll back changes swiftly, thereby reducing the median time to recovery. However, Split was facing challenges with conventional Content Delivery Networks (CDNs), experiencing purge times ranging from 10 to 30 minutes, which was unacceptable for their business model. Furthermore, as a company with a worldwide customer base, Split needed to maintain high uptimes in every location, a task that was proving difficult due to the potential for human error and the challenges of performance at scale.

Jimdo, a company that powers over 20 million websites worldwide, was facing stiff competition from other website creation companies with massive marketing budgets. To stand out, Jimdo realized they needed to focus on quality product innovation and unparalleled customer service. However, they were burdened with complicated and time-intensive workflows and operations, which hindered their ability to innovate. They also faced the challenge of ensuring their websites were secure, fast, and scalable, regardless of the customer's device or location. Another significant challenge was the resizing of images on their customers’ sites to ensure they looked great on all devices. This was a key aspect of their business as many websites rely on beautiful photos to help sell their products and services.

Axon, a leading self-defense company, operates Evidence.com, a platform that handles a constant flow of digital evidence from various law enforcement and public safety agencies across the globe. The platform is used to manage digital evidence in a secure, scalable, and efficient way, allowing agencies to focus on the use of the data rather than the burden of managing it. Given the highly sensitive and personal nature of this information, security is of paramount importance. However, traditional Web Application Firewalls (WAFs) were not compatible with Axon's modern architecture and couldn't be effectively deployed in production blocking mode. Axon's security team built their own detection rules and evaluated multiple WAF technologies, but were not satisfied with any of the legacy solutions available on the market. They found themselves spending too much of their operational resources maintaining their homegrown web application security solution, which didn’t provide robust blocking capabilities and was only as good as the rules written for it.

Prezi, a cloud-based presentation platform with over 100 million users, was facing a significant challenge due to its tremendous growth. The company was seeking to replace an existing, labor-intensive tool with a new web application firewall (WAF) to provide automated, accurate protection for their web applications. Previously, Prezi used an open source IDS/IPS solution. As a cloud-based platform, Prezi’s primary goal was to have a WAF with enterprise-grade detection and response capabilities. They needed a solution that could automatically and reliably detect attack patterns on web traffic without the noise (hundreds of notifications to matches on RegEx signatures) and provide integrations to gain advanced insights.

Network 10, a major Australian television network, faced a significant challenge in delivering a seamless live stream of the Melbourne Cup, Australia's premier horse race and the network's biggest sporting event. The race is not only broadcast on free-to-air television but also offered as a live stream from the company’s website. The challenge was to ensure uninterrupted delivery of the live stream at a time when traffic levels reach the highest point of the year. The selection of the underlying platform was critical to achieving this. Network 10 aimed to provide a first-class experience to all viewers, with top-quality audio and video delivered without interruption or buffering. The network also needed to prepare for any spontaneous spikes in traffic and troubleshoot any issues that may arise during the event.