Magazine Store

Silicon 70 2020

Signal Sciences – Providing Revolutionary Web Application and API Protection that Scales in Any Environment


In today's race to build cutting-edge business solutions, web applications are developed and deployed with a minimalist attention to security threats. Prominent sites from regulated industries like government, financial services, retail, and healthcare are probed daily. The consequences of a security breach are devastating: damage to credibility, loss of revenues, legal liabilities, and loss of customer loyalty. Therefore, the highest standards of security should be the key highlight of your web application. Adequate security measures should be taken a right from the web application development process. This is when Web application security plays an important role, and it is a central component of any web-based business. The Internet's global nature exposes web properties to attack from different locations and various scale and complexity levels. Web application security deals specifically with websites, web applications, and web services such as APIs.

Signal Sciences is the fastest growing web application security company in the world. With its award-winning next-gen WAF and RASP solution, Signal Sciences protects more than 40,000 applications and over two trillion production requests per month. Signal Sciences patented architecture provides organizations working in a modern development environment with comprehensive and scalable threat protection and security visibility. The company works with some of the world's most recognizable companies, like Under Armour, Aflac, and Duo Security, across industries, including five of the top ecommerce companies, five of the largest software companies, in addition to many others in the financial services, retail, healthcare, media and entertainment, and government sectors.

A continuous integration model

The firm has engineered a security solution that's ahead of the curve. The web is evolving fast, with DevOps, cloud infrastructure, new deployment tactics, AI, and changing the landscape almost daily. The company's modern web protection platform is up and running in minutes, feeding attack data to customizable console and all of your integrations in real-time so that security, operations, and development teams can make informed, strategic decisions. Data feeds into the console in real-time, making attacks and anomalies instantly visible to your entire organization. A robust and intelligent decision-making element blocks traffic on the production site to push new code confidently. Signal Sciences ditches the one-size-fits-all approach in favor of adaptive security that responds to each signal with a custom signal.

Signal Sciences Prevents Account Takeover

Signal Sciences Account Takeover Protection detects and stops ATO attempts, protecting customer authentication flows in applications and APIs. Signal Sciences automatically monitors app and API login functionality for successes, failures, anomalous login behaviors, fraudulent account creation, and other suspicious activity. It performs the automatic correlation between anomalous logins and high-risk account behavior such as gift card usage, address changes, credit card authorizations, password resets, etc. Analyzing HTTP request and response data combined with traffic sources, request anomalies, and application behavior in real-time ATO defense allows customers to automatically block and alert on credential stuffing attacks. To enhance their digital toolset's security for mortgage closing, Snapdocs installed the Signal Sciences NGINX module and enabled blocking mode in production within 48 hours. After doing so, they not only blocked potential attacks but gained significant visibility provided by Power Rules.

Cloud DDoS Protection That Maintains App Availability and Performance

Signal Sciences Cloud DDoS protection is an always-on service that prevents network and application layer attacks immediately, so your web apps and APIs are available for customers that drive your business. It requires no additional cost, installation, or maintenance. Performant apps and APIs ensure excellent customer experience, so revenue generation continues uninterrupted. Signal Sciences Cloud DDoS is integrated with Cloud WAF infrastructure with global points of presence to examine traffic before it reaches app or API endpoints. Additionally, the company's patented web protection technology was designed to stop the application-layer denial of service attacks.


Signal Sciences is the 451 Firestarter award recipient, InfoWorld's Technology of the Year, and Computing's DevOps Excellence Award for Best DevOps Security Tool.

Signal Sciences is named a January 2020 Gartner Peer Insights Customers' Choice for Web Application Firewalls (WAF). The distinction recognizes the highest rated Web Application Firewalls solutions on the market as reviewed by enterprise customers, and Signal Sciences has been named two times in a row. Signal Sciences was named as Global Award Winner. These Global Awards are specifically focused on finding innovative infosec players who have a presence outside of the USA and a more global focus.

The Formidable leader

Andrew Peterson is the Founder and also serves as the Chief Executive Officer of Signal Sciences. Prior to co-founding Signal Sciences, Andrew has been building leading-edge, highly performing product and sales teams across five continents for +15 years with such companies as Etsy, Google, and the Clinton Foundation. His book Cracking Security Misconceptions encourages non-security professionals to take part in organizational security. He graduated from Stanford University with a BA in Science, Technology, and Society.

"We're not just rethinking what's possible with web application security; we're revolutionizing it."