Peach Boosts Security and Customer Confidence Using AWS Security Automations
Digital advertising company Peach has a large digital footprint but historically has not been at high risk for cyberattacks. But when it noticed an uptick in attacks, the company knew it needed to take further steps to protect its systems. So Peach turned to Amazon Web Services (AWS) for a solution, and now Peach not only blocks cyberattacks but also deters them—reducing needless service slowdowns and boosting customer confidence.
Just the assurance of using security solutions from AWS gives comfort to our clients that we take security seriously.”
Clinton Van Ry
Chief Architect, Peach
Moving Quickly to Avoid Damaging Data Leaks
Since 1996, Peach has been delivering video and music advertising content for clients across the globe. With 240 employees in 44 countries, the company distributes about 750,000 unique ads per year. In 2019, Peach began considering the need for an improved intrusion detection and prevention system. “We deemed ourselves low risk at that time,” says Clinton Van Ry, Peach’s chief architect. Soon after, however, Peach detected a slowdown in its web service. The company discovered it wasn’t an infrastructure issue, and after conducting an investigation, Peach determined that it had been subjected to a variety of cyberattacks, such as PHP code injection attempts, even though it wasn’t using PHP.
At this point, Peach knew it had to take action. “The potential of data leakage and reputational damage was significant,” says Van Ry. “We saw that these were frequent and targeted attacks, and as we host advertising content before it goes on air, we take these things very seriously. We like to avoid having a complicated mix of vendors, and we needed to find something quickly that would better protect us from these attempts.”
Reducing and Deterring Cyberattacks Automatically
Peach had been using AWS services since 2008, so the company hoped to find a security solution from AWS as well. “When AWS brings out a solution, it connects to the rest of its infrastructure seamlessly,” Van Ry says. Peach needed a framework that would be simple to run so the team could focus on other security priorities. It discovered that Amazon GuardDuty—a threat detection service that continuously monitors for malicious activity and unauthorized behavior to protect a company’s AWS environment—could meet this need. “It took just a few clicks, and we started getting much better visibility on brute force attacks in our virtual private cloud flow logs,” says Van Ry.
The company also implemented a security solution framework using AWS Web Application Firewall (AWS WAF), which helps protect web applications or APIs against common web exploits and bots that might affect availability, compromise security, or consume excessive resources. Specifically, Peach uses AWS WAF Security Automations, an AWS Solutions Implementation that automatically deploys a set of AWS WAF rules that filter common web-based attacks. After some initial testing, the company put the framework into production and immediately began to see results. AWS WAF Security Automations includes a monitoring dashboard, letting Peach see all the activity across its website and gain valuable insight into the traffic coming through its infrastructure. “Peach’s infrastructure handled these attacks before, but this is a much more elegant way to stop it before any potential degradation of user experience,” Van Ry says. Furthermore, the AWS WAF Security Automations component IP Reputation Lists uses logs of known internet protocol addresses to automatically add to the deny list those known to send unwanted requests. “As soon as the tool started creating that deny list, we saw the traffic from those addresses drop on our website, and that was fantastic,” says Van Ry.
Peach implemented its new AWS security solution framework in only 4 weeks, and it was put to the test almost immediately. “At the end of January 2021, it was working,” Van Ry says. “On February 1, we had our first denial-of-service attack against our website, and we saw the framework come to life.” HTTP flood, another component of AWS WAF Security Automations, blocked the requests, and the IP Reputation Lists reduced the traffic. “Previously, there may have been reports from our customers and support teams that the website was getting sluggish,” says Van Ry. “This time there were no issues, and we could see the malicious traffic getting blocked.”
By using a security solutions framework on AWS, Peach has been able to focus on business rather than devoting resources to monitor for cyberattacks. “At times, we would have three or four developers looking through logs, trying to figure out why the website was sluggish,” says Van Ry. “Today, we don’t experience that.” As Peach’s solution consistently thwarted cyberattacks in the months following its implementation, the company saw a reduction in blocked traffic. Initially, 3–4 percent of incoming traffic had been blocked, but now that number is less than 1 percent, showing that the solution is effectively deterring attackers. “Over time, the cyberattacks that we previously experienced have stopped,” says Van Ry. “They just bounce off us now.” To offer peace of mind to its customers, Peach emphasizes its use of Amazon GuardDuty and AWS WAF Security Automations as part of its security solution. “Just the assurance of using security solutions from AWS gives comfort to our clients that we take security seriously,” says Van Ry. Additionally, the company conducts regular penetration tests to evaluate the security of its infrastructure and shares the reports as part of its regular security audits.
Improving Workflows Using Scalable Solutions
Looking to the future, Peach plans to improve the company’s workflows using additional AWS resources built on serverless technology. The company will implement Amazon EventBridge, a serverless event bus that makes it simple to build event-driven applications at scale. Peach will also be using AWS Step Functions, a low-code visual workflow service used to orchestrate AWS services, automate business processes, and build serverless applications. Using these AWS solutions, the company will be able to scale workflows significantly. “Using AWS is crucial to us reaching our business goals,” says Van Ry.
Founded in 1996, Peach distributes and delivers high-quality digital ads from ad agencies and production companies to broadcasters and the online video industry worldwide.
Benefits of AWS
- Reduced blocked traffic from 3–4% to 1%
- Freed up company resources by automating cyberattack monitoring
- Thwarted denial-of-service attacks
- Improved customer confidence
- Connected seamlessly to existing infrastructure
- Managed cyberattacks without a security team
AWS Services Used
Amazon GuardDuty is a threat detection service that continuously monitors for malicious activity and unauthorized behavior to protect your AWS accounts, workloads, and data stored in Amazon S3.
AWS Web Application Firewall
AWS WAF is a web application firewall that helps protect your web applications or APIs against common web exploits and bots that may affect availability, compromise security, or consume excessive resources.
AWS WAF Security Automations
This solution automatically deploys a set of AWS WAF (web application firewall) rules that filter common web-based attacks.
Companies of all sizes across all industries are transforming their businesses every day using AWS. Contact our experts and start your own AWS Cloud journey today.