The growing number of cyberattacks and the popularization of technologies such as artificial intelligence, which can boost the productivity and effectiveness of criminals, force companies to seek security tools capable of quickly adapting to new threats while keeping costs and operational complexity under control.
As we discussed previously, one tool that meets these requirements is the Web Application Firewall (WAF), which has become essential for cybersecurity. But not all WAFs are the same. The choice of technology, and the right partner, can be crucial in determining the success of your strategy.
In this article, you will learn about three out of many large businesses that have chosen Azion’s WAF to ensure security and accelerate their digital transformation, and understand why it is the best solution for companies of all sizes and industry sectors, including yours.
Azion’s WAF in Practice: Three Success Stories
In Retail: Netshoes
Retail is the industry segment most affected by security incidents1, where they have great potential for financial damage: A successful attack has a 53% chance of causing losses above $ 500K2 due to unavailability and fraud, such as credential stuffing and phishing.
These threats require Netshoes, one of the leading sports lifestyle websites in Latin America, with about 54 million unique visitors per month, to use intelligent and sophisticated protection resources. Therefore, the company selected Azion’s products and services to enhance both the security and performance of their applications.
Solutions such as the Edge Firewall and WAF were essential to expand control and real-time threat monitoring. With them, Netshoes can identify and curb “bad bots”, and protect Mobile APIs and its e-commerce infrastructure against both known threats, like the ones listed in the OWASP Top 10, as well as against zero-day attacks.
Azion’s WAF allowed Netshoes to block millions of threats in an automated way, without impacting the service or the shopping experience of its customers. In addition, by using Azion’s more than 60 edge locations in Brazil, the company improved uptime, efficiency in blocking malicious requests, speed of DDoS attack mitigation, and the performance of its applications, thanks to the ultra-low latency that only an edge computing platform can provide.
In the Financial Sector: Crefisa
Crefisa is a financial solutions company constantly undergoing digital transformation, aiming to serve its millions of customers in a practical and agile way. A crucial step for its success involved modernizing its infrastructure to implement the most sophisticated performance and security features.
When surveying the market for solutions, Crefisa chose Azion due to its usage-based payment model and its security stack that allows building a zero-trust security approach, adopting a granular and multilayered approach.
Using our open and extensible platform, Crefisa added to its edge applications the Network Layer Protection, WAF, and DDoS Protection modules, in addition to integrating Radware Bot Manager into the firewall rules.
As a result, the company was able to create custom lists to block abusive users, based on reputation, malicious IP addresses, geolocation, proxies, and use of the Tor network. It was also able to protect the application layer using WAF rules to block major web threats, mitigate DDoS attacks, and manage bot traffic.
With Azion’s solutions, Crefisa’s security team spent less effort on containing threats: Tens of thousands of malicious accesses are automatically suppressed and hundreds of thousands of requests are filtered by the WAF each month.
This allowed the company to accelerate its digital transformation, modernize its defensive stance, and speed up innovation while still meeting the rigorous compliance requirements of the financial market.
In Education: Faculdade das Américas
Faculdade das Américas (FAM) is an educational institution founded in the city of São Paulo that stands out as one of the most innovative in Brazil. With strong investment in technology, it faces the challenge of protecting students, teachers, and its applications against data theft, violation of intellectual property, espionage, and service unavailability due to volumetric attacks, such as DDoS.
At the end of 2020, FAM adopted Azion’s solutions, relying on the WAF to monitor threats in real-time, automatically block critical attacks to the application layer, and simplify the development of secure software by creating advanced security rules and speeding up the validation of implementations.
Three months after implementing Azion’s security stack on their domains, FAM had already monitored over 1 million requests, among which tens of thousands of cyber threats were identified and automatically blocked by the WAF.
Azion’s solutions also brought performance gains for FAM. Before reaching the university’s back-end, requests are evaluated by Azion and, in 90% of cases, are delivered at the edge, allowing better performance, less use of memory and CPU on the origin servers, and lower network transport costs.
The Technology Behind Azion’s WAF
A robust WAF is capable of protecting your applications against the top 10 vulnerabilities listed by the Open Worldwide Application Security Project (known as “OWASP Top 10”) and many others. But for this to happen effectively, it must be based on the right technology.
Two approaches can be used in the development of a WAF: Signature-based and score-based. In the first one, the WAF analyzes each incoming request and compares it to a database containing a list of “signatures” of known attacks. If there is a match, the request is discarded. The problem with this method is clear: an unknown attack, like the increasingly common “zero-day” attacks, will not be on the list and will easily bypass the protection.
The alternative, used by Azion’s WAF, is a score-based system. Instead of looking for signatures, our solution analyzes the components of a request and assigns each of them a score based on their behavior. The higher the score, the greater the likelihood that it is an attack. When a limit is reached, the request is discarded.
That’s why Azion’s WAF was immune to attacks known as WAF bypasses, designed specifically to circumvent the protection offered by a WAF, and that affected major players in the security market in recent years.
WAFs are an important part of the programmable security concept, which refers to the ability to customize and control security settings and protocols through code and automation routines. This approach emerged as a response to the lack of flexibility of traditional security solutions in the face of complex and dynamic IT environments in modern organizations.
Among its benefits are more consistent application of security policies across the network infrastructure, reduction of the risk of human errors, and optimization of resource usage, thereby reducing the overall cost of security operations.
Pay only for what you use, and save in the long run
At Azion, businesses of all sizes have access to all of our products and features, without commitment. Just sign up for a free account to receive $300 in service credits, valid for 12 months, to experience first-hand the benefits of our solutions.
Our usage-based pricing ensures that you pay only for what you use, without worrying about overprovisioning. If you wish, it’s possible to save even more, up to 78%, by signing up for a long-term contract of 1, 2, or 3 years. Ideal for sustained economic growth.
With our Service Plans, you can add even more value to your plan, including Engineer to Engineer services. Choose a service level that meets your compliance requirements and the help needed to deliver your workloads with Azion successfully.
Conclusion
Azion’s WAF has proven to be a key solution for companies like Netshoes, Crefisa, and Faculdade das Américas, which were seeking robustness, security, and efficiency in combating virtual threats. Its flexible structure, customization options, and transparent pricing make it an effective and accessible tool for companies of all sizes.
It’s no coincidence that throughout 2023, we received numerous recognitions for the quality of our products and services. These included the 2023 North American New Product Innovation Award from Frost & Sullivan in the Edge Serverless Computing category and the nomination as a Market Leader and Fast Mover in the GigaOm Radar report on Edge Platforms.
Is your business ready to strengthen your cyber security with us? Try us out by creating a free account or talk with our experts and find out why we are the choice of major market players.
References
1. 2020 Trustwave Global Security Report
2. Comprehensive Bot Management | Radware
