Platform
Packages
- SOLUTIONS
- INDUSTRIES
Products
Company
Contact Us
This online learning company is a leading education technology innovator, creating engaging and effective learning resources to help children build a strong foundation for academic success. Its flagship product in the United States is a comprehensive curriculum for preschool through second grade, available on all major digital platforms and used by tens of millions of children.
“The business case for HUMAN made itself. I'm saving my team almost a hundred hours a month going through logs. We’re saving a ton of money from carding attacks and chargebacks. We are actually getting accurate metrics and data on things like organic traffic, which we can provide to executive teams or venture capital firms. Once people see the efficacy and value, there is no way you can live without it."
The COVID-19 pandemic spurred exponential growth in virtual education, raising the online learning company’s popularity—and making it a bigger target for bot attacks. The company’s security team noticed an increase in carding attacks on its websites, which led to financial losses from chargebacks and damaged consumer trust. The high volume of bot traffic also skewed the company’s web analytics and required hours of manual work to clean up.
Additionally, the online learning company relied on third-party JavaScript and open-source libraries to build its websites. They realized that some of this JavaScript could access users’ PII when they typed it into site forms, a data privacy compliance violation. They needed full visibility and control of third-party script behavior to ensure compliance and prevent digital skimming attacks.
The online learning company wanted a single platform to address bot attacks and client-side threats. HUMAN Application Protection met their needs on both fronts.
Transaction Abuse Defense and Data Contamination Defense
Application Protection uses the same open architecture, making it easy to integrate with the company’s existing infrastructure, including AWS CloudFront. Together, the solutions provide a layered defense model that protects against a range of cyberthreats.
Application Protection has protected an average of 26.5 million page views from bots each month. The drop in malicious bot activity has saved the online learning company tens of thousands of dollars in chargebacks. Because Application Protection automatically removes bot traffic from website data, the company’s marketing team has saved almost 100 hours each month manually sorting through metrics.
In addition, Application Protection identified 562 scripts from 28 different source domains that sent data to 74 destination domains. The solution discovered that the online learning company risked violating GDPR and CCPA because two of their legitimate third-party vendor scripts could access users’ PII. Application Protection blocked access to the sensitive fields, helping ensure compliance.
All in all, the online learning company has gained real-time visibility and control into its client-side supply chain attack surface and remains protected from malicious bot attacks.