Axon Logo

Protecting and securing communities together

Challenge

During the course of business, AXON’s Evidence.com platform handles a constant flow of digital evidence from various law enforcement and public safety agencies across the globe. Every day, thousands of law enforcement agencies leverage the Evidence.com cloud platform to seamlessly manage their digital evidence in a secure, scalable, and efficient way. This allows agencies to focus on the use of the data rather than the burden of managing it.

Evidence.com connects technology and people in order to create safer communities. AXON’s security and development teams created a way for agencies to safely transfer digital evidence, including body cam video, dash cam footage, and other evidence data from the sources in the field to the Evidence.com central management solution. Given the highly sensitive and personal nature of this information, security is of paramount importance.

“It’s refreshing to work with a security product that not only provides exceptional securty benefits, but also prioritizes performance, reliability, and overall operational manageability. Signal Sciences is easy for our DevOps team to support, which allows us to focus on the security capabilities it provides, rather than fighting with basic operational issues.” Jenner Holden, VP of Information Security at AXON

AXON’s objective & initial WAF solution

Evidence.com’s advanced evidence management system required an equally advanced web application security approach. Unfortunately, traditional WAFs weren’t compatible with AXON’s modern architecture and couldn’t be effectively deployed in production blocking mode. The traditional WAF options were inline and represented a potential single point of failure, which was unacceptable to the teams designing and operating the platform. In response, AXON’s security team built their own detection rules, in addition to evaluating multiple WAF technologies, but were not satisfied with any of the legacy solutions available on the market at the time. AXON found themselves spending too much of their operational resources maintaining their home grown web application security solution, which didn’t provide robust blocking capabilities and was only as good as the rules written for it. Their own detection rules became difficult to maintain with the fast pace of software development, and lacking blocking capabilities made daily operations even more difficult for the and intelligently block attacks in progress against their sensitive data and assets for their agency customers, while not impacting performance, and operational efficiency.

Why AXON chose Signal Sciences’ next-gen WAF solution

Signal Sciences started working with the AXON security team, with support from AXON’s engineering leadership, and quickly came to understand their need for an effective application defense solution. The goal was to help resolve the cumbersome security triaging that the AXON security team experienced and to free up their time to focus on actual attack events and more strategic security initiatives. As former security practitioners, the team at Signal Sciences has immense customer empathy and wanted to provide AXON with a solution that worked “out of the box,” improving visibility and securing their customers’ sensitive data more effectively without compromising operational and business needs.

Ultimately, AXON replaced their homegrown WAF solution with the Signal Sciences next-gen WAF solution. The combination of Signal Sciences’ ease of install that both product and security teams could support, along with true security visibility into attack signals that didn’t require configuration or tuning, allowed AXON to achieve its goals of application protection without compromise.

With the Signal Sciences’ next-gen WAF solution, AXON has been able to gain leverage from existing security resources and advance their application security posture. AXON’s security team is quickly informed of real time web application attacks and blocking decisions, and uses this information to prioritize their security resources to focus on the most targeted parts of their applications. The continuous visibility they receive from the Signal Sciences’ platform helps AXON focus on more strategic decisions and initiatives without taxing their security team to sift through logs or maintain a set of detection rules. Implementing Signal Sciences has enabled AXON to further deliver on their mission to help keep communities safe by providing their law enforcement customers with the highest degree of data protection.

“I was able to go through the new deployment scenario... and it worked great for me! Thank all of you for coming up with asolution that is Ops friendly and should be easy to maintain moving forward.” Morgan Greenwood, Lead Security Engineer