Protecting Network Edge with WAF & Bot Manager

Covanta | covanta.com | HQ: Morristown, NJ| Founded In | Industry: Waste Management

Waste management and energy giant Covanta recently migrated a critical Oracle-PeopleSoft implementation to Oracle Cloud Infrastructure. But first the company decided to shore up security and protect its network edge with the cloud-based Oracle Dyn Web Application Security suite.

Covanta offers a variety of waste management and incineration services. Its energy-from-waste facilities burn about 20 million tons of waste from municipalities and businesses each year, while generating enough electricity to power about one million homes.

Covanta has long used Oracle-PeopleSoft to run its finance, supply chain management, and procurement portal. The company initially managed the application on premises, eventually moving it to Oracle Managed Cloud Services. But it recently decided the time was right to move to a next-level cloud platform. That’s when Covanta migrated to Oracle Cloud Infrastructure.

But with malicious hackers increasingly targeting internet-facing applications in an effort to steal data, crash sites, and spread malware, Covanta realized that it needed a powerful cloud-based web application security solution that could move with the PeopleSoft application and scale with the business as needs change over time. It found the answer it needed in the Oracle Dyn Web Application Security suite.

“[Oracle Dyn Web Application Security] is definitely one of the higherperforming solutions in this space,” said Jason Gonsalves, a security architect and manager at Covanta. “We’re really happy with the capabilities, the output, and the integration.”

Why Oracle Dyn Web Application Security?

Security is one of the biggest concerns that organizations must address before completing a cloud migration. Enterprises often worry that they’ll have to sacrifice their current security posture and quickly adapt to a new security profile once the migration is completed. An even greater fear is that this new security posture will not meet requirements or service-level agreements.

The Oracle Dyn Web Application Security suite alleviates these concerns by protecting an organization’s IT infrastructure before, during, and after migration to the cloud. The suite offers protection that spans customers’ on-premises data centers, the Oracle cloud, and even other vendors’ clouds when needed. This enables customers to maintain a cohesive security posture regardless of where IT systems are running.

“Oracle Dyn Web Application Security can protect a business’s IT infrastructure during all phases of migration,” said Laurent Gil, product strategy architect at Oracle Cloud Infrastructure. “And once the migration is complete, security is as strong if not stronger than before.”

The suite harnesses the power of artificial intelligence and adaptive machine learning to defend websites, applications, and networks from increasingly sophisticated cybersecurity threats. Each component of the suite is fully cloud-based and available as a 24/7 managed service. The Oracle Dyn Web Application Security suite includes a next-generation Web Application Firewall (WAF), a Bot Manager, and API, DDoS, and malware protection.

Upon learning about the Oracle Dyn Web Application Security suite, Covanta decided to set up a proof of concept (POC) with Oracle. The POC demonstrated that the suite could detect and send alerts to administrators about malicious web traffic; identify and send alerts about any activity that falls under the OWASP Top 10 security threats; and detect and send alerts on bot activity.

Covanta decided to go live with the suite’s Web Application Firewall (WAF) and Bot Manager, for advanced bot detection and mitigation. Gonsalves and his team like that fact that the solutions give them greater visibility into web traffic and cybersecurity threats. And because the suite is fully cloudbased, they don’t have to worry about managing infrastructure in-house.

“Right now, we’re focusing on the visibility side of it,” Gonsalves said, “and we’re also in the process of optimizing the rule set.”

Management simplified

Gonsalves can attest that gaining actionable insights from traditional, onpremises security solutions can be difficult at best. He can remember trying to manage 20 to 30 different security environments just to get one piece of intelligence. With Oracle Dyn Web Application Security, gaining actionable insight is much easier.

“Being able to leverage a single environment to get that same information—there’s a lot of value in that from a security and operations standpoint,” he said.

Ben Cabrera, Covanta’s vice president and chief information officer, is also pleased with the cloud-based security suite.

“Oracle provides us with an enhanced security environment,” Cabrera said. “I’m very comfortable in the Oracle environment.”


Download PDF

Want to learn more about Web Application Firewall?


For advanced bot detection and mitigation, Covanta decided to go with Web Application Firewall (WAF) and Bot Manager, which provided greater visibility into web traffic and cybersecurity threats without the worry of managing infrastructure in-house.

Learn More