Doximity is the largest professional medical network, with over one million physicians and advanced practice clinicians in the United States. The company enables medical professionals to communicate with colleagues and patients, and to share their perspectives on the latest health care trends and research.
In March 2020, the Doximity security team started to observe a significant, sustained surge in web and mobile application traffic. Their Doximity Dialer secure calling feature alone experienced a 30X traffic increase and double-digit growth in their user base over a few weeks' time. As a result, every department had to scale efficiently and quickly in order to meet demand, including the infrastructure and security teams.
The security team needed to scale up its ability to manage unwanted traffic hitting their applications, all of which created a downstream impact on other departments handling support tickets. Doximity had already been using Signal Sciences as their Next-Generation Web Application Firewall (WAF); however, they needed an added and more robust solution that could replace their internally-built rate-limiting tools.
One of the initial projects that the security team took on was to improve our visibility into threats and automated protections at the HTTP layer. Signal Sciences was able to deliver all that with minimal changes to our systems. Their Advanced Rate Limiting capabilities enabled us to decommission a costly, long-standing homegrown tool and freed us up to focus on other high-priority projects. Thankfully, we were able to get out of the business of writing our own rules engine and to re-focus our energy on what is important: writing rules to block malicious behavior and traffic.
– Ben Abrams, Lead Security Engineer
Signal Sciences Next-Gen WAF with Advanced Rate Limiting gave Doximity the granular control necessary to block malicious traffic without impacting its extensive network of medical professionals, while at the same time freeing up its internal security team to focus on other high-priority projects. Doximity then takes the intelligence surfaced by Signal Sciences and pushes it across other protection layers as part of their larger defense-in-depth against distributed denial-of-service (DDoS).
In addition, the downstream benefit of eliminating false positives carried over cost and operational savings to the customer service team, resulting in a drastic reduction in support tickets caused by false positives.
Automated Blocking Allow List Reduced Security Team Workload
With the surge of legitimate, as well as malicious traffic, the infrastructure and security teams needed a highly effective but low maintenance WAF. Signal Sciences developed additional custom rules to allow the security team to focus on high-priority projects and initiatives to keep the site running smoothly.
Securing Customers Through Granular Blocking Controls
Doximity’s customer base of medical professionals presented unique challenges to the security team. IP- or geo-based blocking would prevent legitimate traffic coming from large hospitals, where many users share the same egress addresses. Doximity used Signal Sciences' header inspection and payload detection to refine their blocking criteria and apply it at scale while keeping the false positive ratio very low.
Creating Organization-Wide Value
The downstream effects of reducing false positives are being felt throughout the company. The traffic volume was large enough that the security team had given the support team the ability to whitelist or unban accounts without consulting the infrastructure teams, an arrangement that wasn’t sustainable in the long run. With Signal Sciences advanced rate limiting, customer support tickets to unban accounts were eliminated and the support team no longer needed to handle unblocking requests.
Signal Sciences brought value to the organization, even beyond the infrastructure and security teams. Customer service immediately felt the reduction in account support tickets, helping us strengthen relationships across the company and enabling us to ensure a better experience for the healthcare professionals that make up our network membership.
– Jey Balachandran, CTO