A global computer technology company was facing significant challenges in meeting the criteria for various regulations including the Sarbanes–Oxley Act (SOX), Payment Card Industry Data Security Standard (PCI-DSS), and Statement on Auditing Standards No. 70 (SAS 70). The company was using IBM Guardium to secure their databases, but the high cost of ownership and operational inefficiencies were proving to be a major hurdle. The company was unable to expand their IBM Guardium deployment beyond the 500 databases it covered due to the overwhelming amount of labor required. This left some critical databases unmonitored, introducing compliance and security risks. The high labor cost was mainly due to Guardium’s architecture deficiencies, which required a large number of virtual appliances to cover the company’s 500 databases. The volume of virtual appliances made the deployment complicated and costly to operate. Furthermore, Guardium’s integration with the company’s Remedy change ticketing and workflow system was cumbersome, and presented many challenges.

SOKA-BAU, a German company providing benefits, compensation, and pension insurance services for 70,000 construction companies, faced a significant challenge in their digital transformation journey. They aimed to provide self-service web applications to their customers and covered employees, which meant exposing their applications to the Internet. However, before they could enable online self-service, they needed to ensure that the sensitive compensation and financial information in their backend databases was completely secure from unauthorized access. The security solution also had to stand up to the scale and availability rigors required from an application with over 650,000 end users. Adding to the challenge was the heterogeneous environment, including database and application server products from several leading vendors, running both custom and packaged applications.

One of the world’s top 100 Universities, with a presence on four continents, was facing challenges with its network security controls and visibility to protect its assets. The University's expanding database and the changing landscape of external threats had pushed its network security controls to the limit of acceptable risk mitigation. The University was keen on attaining the ISO27001 certification for a small subset of clinical registries, which further emphasized the need to enhance network security. The University needed to protect web applications in multiple cloud environments and support WAF on the Microsoft Azure Platform, while maintaining an on-premises footprint for legacy applications. The solution had to be cloud and on-premise, multi-cloud provider, SaaS, with timely delivery and speed of execution, and cause minimal disruption to the business and end users during deployment.

StubHub, a leading ticket marketplace, was facing a series of challenges due to the activities of malicious bots. These bots were scraping pricing and inventory data from StubHub's website, selling this proprietary information to competitors, and reposting it on other platforms. This not only led to StubHub's pricing being undercut but also resulted in the theft and misuse of customer accounts. The problem was further exacerbated by the availability of stolen login information and password reuse, which facilitated account takeovers leading to buyer and seller fraud. Additionally, StubHub's site was under constant attack from Advanced Persistent Bots (APBs) that could imitate human-like interactions and blend in with human traffic. These bots were causing a significant increase in site traffic, leading to skewed analytics and artificially low conversion rates.

Smallpdf, a Swiss company providing online PDF tools, faced a significant challenge in protecting its over a billion user accounts from sophisticated bot-driven brute force credential stuffing attacks. These attacks were not only a threat to the sensitive data held in user accounts but also posed a risk to the company's infrastructure. The brute force attacks could potentially impact website performance, causing slowdowns and disruptions for legitimate users. The company's security team was consistently dealing with large-scale botnets targeting their website, which could compromise user accounts if not effectively mitigated. The need to protect their users and maintain the performance of their authentication service was a top priority for Smallpdf.

Brock University, a leading Canadian institution, was facing a significant challenge with its IT infrastructure. The university's mainframe, proprietary database was no longer capable of supporting its online programs and corresponding web-based applications. As the university planned to move from its proprietary mainframe database to a Microsoft SQL Server environment, it was concerned about the protection of its applications and data. The new environment would support a wide array of homegrown, web-based front-end applications, including student self-service applications, administration, finance, and business applications. The university was also concerned about protecting its database against new vulnerabilities that could be introduced over time. Furthermore, the combination of its custom web applications, thousands of users, and database conversion project was going to present a significant number of opportunities for insider threats and external attacks. Given the magnitude of the conversion project and its limited IT resources, Brock wanted a solution that was easy to implement and didn't require a lot of manual tuning.

The organization, a leader in the property and casualty insurance industry, was grappling with the challenge of scaling data discovery across millions of data records. They were also tasked with monitoring hundreds of databases and fulfilling numerous data owner requests every week. The existing manual processes were time-consuming and inefficient, often taking up to four weeks to complete a single data inventory task. The organization was also struggling with managing data owner requests without expanding their staff. Additionally, the audit reporting process was cumbersome and inefficient, leading to a significant amount of time being spent on audit documentation.

A Real Estate service business was in the process of rapidly deploying Amazon RDS databases to enhance its operations. However, this swift transition posed a significant challenge for the company's audit team. They were required to keep pace with the rapid deployment and ensure that all the databases were compliant with the necessary regulations. The team was also under pressure to prepare for an audit that was scheduled in just 60 days. The challenge was to find a solution that could provide rapid coverage of the 8 RDS instances, automatically discover and classify sensitive data, and establish and retain an audit and forensic trail for all database activity.

National Bankcard Services (NBS) provides custom processing solutions for petroleum and convenience store markets, including an online service for retailers to offer various payment options. As part of its operations, NBS enables its customers to track sales from payment card usage through an online portal. To maintain its reputation, NBS must ensure that the sales and related private corporate information of their customers is protected from unauthorized access and data theft. The company was previously performing code reviews and manual code fixes for its web applications, a process that was both time-consuming and prone to human error. NBS needed to comply with PCI 6.6 to protect the online portal from all types of application threats. However, with a small IT staff, the solution needed to be easy to configure and maintain.

TechSoup Global, a nonprofit organization based in San Francisco, California, provides other nonprofits with technology resources and support. Their product donation program, TechSoup Stock, allows nonprofits to access donated and discounted technology products, saving organizations over $1.4 billion in expenses as of June 2009. However, the organization faced a significant challenge in securing its web-based transaction processing infrastructure, which was a prime target for hackers due to the processing of donations through credit cards. After an unsuccessful breach attempt, TechSoup realized the need to go beyond traditional perimeter and desktop protection. The organization needed a comprehensive security solution that would effectively monitor and protect its applications from hackers, prevent the loss of sensitive data, and facilitate PCI compliance. The solution also needed to be easy to use and deploy, and require no changes to applications or the network.

Metro Bank, Britain’s first new High Street bank in over 100 years, was facing a significant challenge in improving employee productivity by enabling off-network access to Office 365 and Yammer. Despite having AirWatch Mobile Device Management (MDM) in place, the bank felt that the move was too risky due to the vital importance of protecting bank and customer data. The bank wanted to limit off-network access to corporate devices already managed with their AirWatch MDM deployment, but there was no straightforward way to enforce this policy with their existing tools. The bank's goal was to provide full access to Office 365 for corporate owned device users, on or off network, and to extend access to Yammer to personal device users. In the second phase, specific colleagues were to be given off-site access to the more-sensitive information within Dynamics CRM.

PSCU, a credit union service organization, was facing a significant challenge in protecting its sensitive data from advanced targeted attacks. These attacks are multi-phased and designed to bypass the security perimeter, often targeting company employees as an entry point. PSCU had tokenization and encryption technology in place, but they understood that monitoring all access to sensitive information and responding to suspicious activity in real-time was crucial for enhancing their security posture. They needed a solution to monitor privileged users, who are often the prime target of advanced attacks, and locate unauthorized copies of databases. Additionally, PSCU wanted a dedicated malware detection solution to add to its layered defense strategy.

Partner Agent Inc., a leading innovator in the marriage services industry, was faced with the challenge of ensuring absolute security for its new B2B business initiatives. The company needed a security system that could be implemented with limited human resources, yet robust enough to safeguard web access and protect their extremely important customer information. The company was also looking for a reputable security vendor that could put their partners at ease. As the company expanded into B2B, it became imperative to have a Web Application Firewall (WAF) that offered absolute security. The company was entrusted with extremely personal details about its clients, making it crucial to have a reliable IT system as part of its business infrastructure. As the business underwent rapid expansion, the number of new features provided and their constant upgrading gave rise to new problems.

ALYN Woldenberg Family Hospital, Israel’s only pediatric rehabilitation facility, was facing a significant challenge in securing its website and customer database of over 70,000 patients. The hospital's IT team was particularly concerned about the security of their content management system (CMS), as they felt their existing cybersecurity vendor was not updating the security on their CMS frequently enough. This left them vulnerable to cyberattacks, a growing concern in the healthcare industry. The hospital also had to consider patient privacy and regulatory compliance in their search for a new cybersecurity solution. The cost-benefit ratio and the constraints of a small IT team meant they needed a managed system that was easy to integrate and required minimal upkeep. Initially hesitant to move to a cloud-based system due to strict government regulations, they were also concerned about the potential weak points in their special projects website, which was used for resource development and event coordination.

The automotive retailer, operating hundreds of stores and websites, was facing a significant challenge with malicious bot traffic. Despite having multiple firewalls, appliances, and other mechanisms for blocking attacks, the company's nearly 100 web properties were frequently crashing due to bad bots attempting to scrape content. The bots were pulling an average of 8,000 pages per second for competitive data mining, causing the sites to crash frequently. The company was also struggling with managing blacklists and whitelists, which was proving to be an administrative nightmare. The situation was so severe that it was consuming the equivalent of one full-time employee (FTE). The company needed a solution that could intelligently block traffic, maintain the same service level from a performance standpoint, integrate seamlessly with their existing complex infrastructure, and work well with their existing monitoring tools.

AARP, an organization dedicated to improving the quality of life for people over 50, offers a range of products, services, and resources to its millions of members. Many of these services involve the use of personally identifiable information (PII), necessitating a robust security-in-depth cyber defense program to protect the data of AARP members, volunteers, and employees. AARP was in search of a runtime application self-protection (RASP) solution that could safeguard its Amazon Web Services (AWS)-hosted applications from attacks in its production environments. The organization had identified 31 Java applications for initial RASP implementation, but also needed a solution that could accommodate potential future transitions to a microservices-based architecture. Additionally, AARP required a RASP solution that would complement its existing security program, which includes vulnerability management, incident detection and response, and network defense.

Banco Popular Dominicano (BPD), a leading privately owned bank in the Dominican Republic, was facing challenges with its complex database environments. The databases were on separate servers, shared and consolidated due to the high cost of infrastructure. The existing solution was not meeting the bank's needs as it required too much time and resources to operate, and lacked the capacity to scale to meet the high demands of the production environment. The bank needed a solution that would not negatively affect any production process and could run without the need for additional equipment and personnel.

Intuition Systems, a high-volume electronic payment processor, was faced with the challenge of meeting the new PCI requirement for Web Application protection. As a Level 1 Payment Card Industry Service Provider, they had the option to either install application layer firewall technology or go through a secure code vulnerability assessment process for each of their custom applications. At the time, six of their custom applications processed credit cards and were subject to PCI. They expected this number to grow to 10 or more within the year. The process of obtaining a code vulnerability assessment of each custom application would be time-consuming and expensive, and would restrain their ability to add applications and scale their business. Therefore, they decided that the secure code assessment option did not fit their business model. They needed a solution that was scalable, easy to implement and manage, and would not impact their applications and IT infrastructure.

Pelephone Communications Ltd., a leading communications company in Israel, was facing a significant challenge in managing and securing its vast amount of customer and financial data. The company's Chief Security Officer, Yoni Elias, was keen on ensuring that all sensitive data was accessible only on a business need-to-know basis. To enhance Pelephone’s security posture and meet compliance requirements, the company needed granular visibility into file and folder permissions, easy and automated data ownership identification, scheduled and on-demand access audit reports, and real-time policies to alert on data usage that violated standard corporate practices. However, their existing data governance system, particularly the reporting and alerting capabilities, had significant drawbacks that were driving operational costs higher.

NTT TechnoCross, a subsidiary of Nippon Telegraph and Telephone (NTT), is a company that offers advanced IT services and technology to its customers. The company's website serves as the central source of information, delivering the brand directly to customers and helping build customer loyalty. Any interruption in the operation of the website has a large impact, with the potential of a loss of trust that extends beyond the company to the NTT Group as a whole. As a company that builds its branding on security technology, it is imperative that NTT TechnoCross protects itself against cyberattacks as any damage would bear a significant loss in its brand value. When the time came for the company to renew its website, selecting a solution to protect the site was crucial for the company. The company was already facing growing demand for cloud computing in business at the time. With technical support for customers’ cloud computing and security as one of its core offerings, NTT TechnoCross considered using cloud-based services for its own renewed site. At the same time, it made the decision to switch from in-house operations to the use of services in security as well.

DigiCert, a provider of scalable TLS/SSL and PKI solutions, was already using Imperva’s SaaS Web Application Firewall (WAF) to protect their on-premises applications when they began migrating some of their workloads to Amazon Web Services (AWS). However, they were using another vendor for DDoS mitigation on AWS, which they found unsatisfactory due to excessive scrubbing of traffic and blocking of legitimate traffic. As DigiCert's usage of AWS grew, they realized the need for a new security solution that could manage risk, monitor all traffic, rapidly identify threats, and only allow valid traffic to access their applications. They wanted a solution from a single provider that could deliver both WAF protection and DDoS mitigation across their entire hybrid environment. The solution also needed to lower false positives, assure rapid response to minimize potential business interruption, and automate as much of the security process as possible due to time and resource constraints.

Discovery, Inc., a global leader in non-fiction entertainment, faced a significant challenge in managing large amounts of digital customer and company data due to its popularity. The data was subject to compliance regulations and regular audits, and the company needed clearer visibility into their data estate. The challenge was compounded by several factors, including a merger and personnel changes in 2018, which left much of the older data inaccessible to new toolsets. Initially, Discovery, Inc. used Imperva’s SecureSphere to pinpoint certain schemas and security controls they needed to address, and to then adopt those security controls as required. However, as the company expanded into a more cloud-native infrastructure, they needed to extend their compliance requirements coverage to both on-premises and cloud-native technologies.

PayFlex, a third-party administrator that works directly with employers to administer their benefit spending accounts, COBRA and Transit programs, faced a significant security challenge. The company provides consumers with a specialized debit card for medical transactions, which necessitates the storage of debit card numbers and claim data. This convenience, however, is balanced by potential security and regulatory considerations. PayFlex has a responsibility to uphold the highest security standards to protect its customers and their employees. Regulatory compliance is a major consideration for PayFlex, as it must contend with PCI and HIPAA standards. PCI mandates basic network security controls to protect cardholder data, and HIPAA standards require that enterprises prevent health information from being leaked. The liability for a breach is expensive, reaching up to $1.5 million since the implementation of the HITECH Act.