Case Study: Eventbrite strengthens security and PCI compliance with Fastly Next-Gen WAF

Strengthen Security Posture and PCI Compliance

Eventbrite needed to strengthen its security posture and meet PCI 6.6 compliance but had lost confidence in its vulnerability scanners, which provided spotty coverage and failed to identify critical code weaknesses. The company also required a flexible security solution for its six global properties and future acquisitions, but was hesitant about the performance and maintenance issues common with legacy WAFs. This led them to seek a new vendor, Signal Sciences and its Next-Gen WAF.

Signal Sciences provided a next-gen WAF that offered comprehensive attack coverage with minimal tuning, blocking threats like SQL Injection and XSS before they reached application servers. The flexible deployment worked seamlessly with Eventbrite's NGINX, HAProxy, and EC2 infrastructure. As a result, Eventbrite moved from monitoring to blocking mode in under 30 days, achieving 100% confidence with a solution that required minimal ongoing maintenance and restored complete visibility into their security posture.

Eventbrite

Paul Pieralde

Principal Product Security Engineer, Eventbrite