Case Study: Betterment achieves autoscaling, low-noise application security in its CI/CD pipeline with Fastly Next-Gen WAF

Autoscaling Production Application Security in Betterment’s CI/CD Pipeline

Betterment, an online financial advisor managing over $14 billion in assets and serving 380,000+ customers, needed to protect customer PII and financial assets across hundreds of web servers spun up daily through its CI/CD pipeline. They required a WAF that would automatically scale, accurately block attacks without signature tuning or performance impact, and keep signal-to-noise low—so they adopted Signal Sciences (now part of Fastly).

Signal Sciences was deployed via an Ansible playbook so agents install automatically in the CI/CD process, providing out-of-the-box detections, customizable Power Rules for API and ATO protection, and dashboards that surfaced vulnerabilities and unknown services. The result was automated, auto-scalable protection with no reported false positives after deployment, reduced Security and Operations workload, faster remediation of issues, and effective blocking of malicious traffic without impacting site SLAs.

Betterment

Anson Gomes

Lead Security Engineer