CHALLENGE
Cloud-first, all-in-one HR platform Namely is experiencing rapid growth, which naturally is driving the prioritization of its web defense.
As Namely continues to grow its customer base, so does its responsibility managing web defenses (detection, prevention, and response). In a fast-moving agile development environment, security leader Daniel Leslie was tasked with building security and IT from the ground up and sought innovative ways to manage website defenses. With experience working with legacy WAFs before, he was looking for production web defense with clear returns on investment. Core criteria included technical alignment, ease of use, best-in-class security functionality, and total cost of ownership.
Our team is lean and Signal Sciences extends our capacity by providing us with more ‘finished data’ versus the raw log data we had worked with the past. In other words, we get actionable insights, faster and with a higher degree of confidence in the data’s accuracy.
– Daniel Leslie, Director of Security Intelligence & IT Operations
SOLUTION
Namely chose to partner with Signal Sciences as a component within their security architecture due to better usability for security operation tasks, technical alignment with deployment updates and maintenance—all at a lower total cost of ownership.
Ease of Use for Executives to Developers
Many enterprises struggle to provide real-time visibility around how their web applications are being attacked, resulting in an unknown attack surface. Namely wanted to address this issue with a product that could install easily across their tech stack and share relevant security data across departments and levels. The Namely team shared that Signal Sciences is extremely easy to install and onboard new personnel due to ease of use and visibility of automated, intelligent blocking decisions. Insightful week-in-review reports and deployment scorecards have been helpful in educating executives on the current risk profile of their websites, and informing actions teams can take to improve. Decreased Mean Time to
Decreased Mean Time to Detection and Mean Time to Remediate
Detailed blocking decisions coupled with integrations like PagerDuty have helped Namely fix issues faster. The team had experience using WAFs before in previous companies, which treated each suspicious request as a security event which created toil in discerning real attacks from noise. Routine false positive alerting creates “alarm fatigue” and can desensitize a team’s attentiveness.
Signal Sciences’ intelligent Cloud Engine instead creates events after seeing enough malicious requests to confirm an actual attack. Now, it takes only minutes between the time they see an event—because it’s already alert-worthy —to the time they’re able to page someone to triage. In one instance, Signal Sciences alerted Namely teams to a non-security related engineering issue in the code: some webpages weren’t being used, but were still being called due to legacy logic built in the code. With insight into 40x and 50x errors, along with cross referencing other monitoring tools, this error was easily triaged.
Enhanced Capacity of the Security and DevOps Teams with Lowest TCO
Like many new security teams, the Namely team started small, where each individual had a lot of different responsibilities. Configuring or building rules and alerts would have maxed out the capacity of the small team, with little time for other crucial tasks. Signal Sciences provided the team with leverage in using an intelligent product that provided immediate blocking and actionable intelligence to dig deeper into potential threats. These critical time savings in setup equated to a low total cost of ownership (TCO), one of their key success criteria.
The architectural openness and extensibility of the product, along with its performance and scalability ensured us that Signal Sciences could support us well into the future.
– Daniel Leslie, Director of Security Intelligence & IT Operations