Duo protects user data for the over 40,000 customers who use their cybersecurity protection or supporting the people who work every day to make their products effective, user-focused and intuitive. Duo builds secure access solutions you can trust. Duo was recently named the best two-factor authentication app by the New York Times Wirecutter! With easy onboarding, optional backups and regular updates, Duo Mobile is the go-to app for simple, secure two-factor authentication.
Industry: Software & Services
Location: North America
Customer since: 2020
Duo was seeking application security visibility for its leading authentication platform and websites that didn’t introduce additional security or operational risk.
Duo customers trust its platform to support the scale and frequency of billions of authentication requests across the globe every week. Duo’s security team needed to see and secure this traffic without negatively impacting user experience or introducing additional security risks. Prior experience with hardware and cloud WAFs that introduced single points of failure and had difficulties wedging into the path of traffic was the reason the team considered an alternative approach.
Duo chose Fastly for our ability to provide immediate security visibility and blocking with an architecture that operations teams were confident would scale without impacting performance.
Our pragmatic approach appealed to all stakeholders
Duo knew that Fastly’s approach was based on our previous experience running engineering and security at one of the Alexa top-100 ranked sites. Across engineering, operations, and security, Duo proved out our ability to keep their site running fast, with accurate detections that could be deployed in blocking mode with enhanced visibility
Our secure architecture easily integrated into Duo’s environment
Duo was cautious in selecting a product that wouldn’t take a lot of resources to deploy, and one that wouldn’t itself become an attack surface. Duo confirmed that Fastly’s software wasn’t susceptible to additional attacks. Our patented module and agent architecture is guaranteed to fail-open, of which VP of Production Engineering Nick Soulliere said, “One -- it hasn’t failed, but two--if it were to, it, would fail gracefully, and that’s huge.”
Security doesn’t have to compromise user experience
The security team found that real security--not just a product deployed in logging mode--is possible with the Next-Gen WAF, without negatively impacting performance of its customers. Duo’s team has experienced zero false positives while installed in production, which means legitimate customers can continue to authenticate while the malicious actors are stopped short.
“We were really impressed with how easy deployment went. Dropping Fastly’s Next-Gen WAF into our existing highly-available architecture with minimal effort was critical to the project’s success.”
VP of Production Engineering
“Fastly’s approach to determining when to block things is super smart. False positives affecting Duo customers are nonexistent.”
VP of Production Engineering