Yelp Eat24 is a web-based food and delivery service that partners with local restaurants.

Why Yelp Eat24 Chose Signal Sciences’ NGWAF Solution

In February 2015, Yelp acquired Eat24, the food delivery platform, in order to strengthen their consumer experience and online mobile transactions services for their customers. Yelp Eat24 currently has more than 35,000 restaurants on its platform across 1,500 cities, and annual revenue for 2015 was over $40 million. With so many transactions happening on a daily basis, Yelp Eat24 believes strongly that protecting their web application and customer data (both restaurants and consumers) is a critical priority.

The Challenges That Yelp Eat24 Experienced

Yelp and Eat24 faced a pivotal post acquisition issue: both companies used completely different web application stacks that needed to be securely integrated. Before they could integrate, Yelp needed real-time visibility into the Eat24 technology stack to better understand what inbound attacks targeting the application.

The Yelp engineering team was focused on finding and fixing technical debt within the new application, estimating it would take upwards of six months to fix all known flaws (based on an initial risk assessment). With this in mind, Yelp looked to find a solution they could drop in place quickly and with minimal engineering effort that would both protect the application and provide visibility for their DevOps, Engineering, and Security teams into potential attacks targeting Eat24.

The Results

After evaluating a number of legacy WAF vendors as well as CDN-based approaches, Yelp selected Signal Sciences as the winning solution. Yelp’s selection was based on Signal Sciences’ ability to deploy in minutes, provide value not just to Security but also to Engineering and DevOps teams, and protect against attacks without blocking legitimate customer traffic.

Signal Sciences provided the Yelp Eat24 transition with the following key benefits:

  • Ease of deployment and use.
  • Strategic and actionable visibility.
  • Real-time attack telemetry and mitigation.

For the full customer success story, fill out the form and download the PDF.

Read Full Case Study