The problem
For years, the government agency had been trying to integrate vital security controls into Microsoft SharePoint. A parade of vendors and system integrators had worked to install WAF (web application firewall) protection. But the solution caused a big new problem: it was blocking massive amounts of completely legitimate traffic. After multiple attempts to get the controls under control, as many as 300,000 citizens a day were still finding
themselves locked out of the services and information they needed.
Finally, after years of being told how hard the problem was to fix, the agency received some good news: RedShield could help.
The solution
The RedShield team knew that any part of a security solution that wasn’t absolutely crucial to providing the required protection could end up causing unforeseen trouble. They used vulnerability scanners and penetration test reports–instead of inflexible machine learning– to pinpoint any parts of the baseline policy that weren’t required. Then, they extracted those elements.
Next, the team tuned the profile and documented status to ensure that, should there be any post-deployment issues, their experts knew the profile well enough to make
critically accurate changes, quickly.
Just six weeks after the initial controls deployment, alert logs were down to zero. RedShield then turned on blocking, and conducted another two weeks of rigorous
testing. Still zero. The following week brought full deployment, which successfully transitioned through transparent and into blocking.
The results
Fast forward two years. The solution hasn’t reported a single false positive. RedShield application security deployments are running at a 0.0002% false positive rate. That’s nearly three orders of magnitude better than the industry. Today, the government agency has very little to report, except that customer complaints have nearly disappeared.
Today, RedShield continues to stand guard:
- Resolving any false positive reports in just 15 minutes
- Delivering analysts’ reports monthly
- Conducting weekly scans and periodic penetration tests
“RedShield are truly experts in deploying application security controls. We had ‘the best of the best’ giving us excuses and regularly explaining in crisis meetings why this was such a hard problem to address. RedShield stepped in and, without fuss, just deployed. Third-party security tests show what they did is effective, but the lack of fuss and customer complaints is what has really impressed me.”
— Government Agency Executive
