How a Global Insurer Protects Customer Data & Achieves Compliance With DataDome – Source: securityboulevard.com

Facing a surge in sophisticated bot attacks that endangered their digital platforms and compliance with stringent data protection regulations, a leading global insurance company sought an urgent solution. With millions of customers worldwide relying on their financial services, the organization knew that effective security measures were non-negotiable. Partnering with DataDome, the company can now block advanced threats such as credential stuffing and brute-force attacks while gaining actionable insights into bot traffic and safeguarding critical authentication points, ensuring regulatory compliance and customer trust.

“DataDome gave us visibility into threats we didn’t even know were happening. It’s very reassuring to know we can now detect and block attacks in real time.”

The challenge: Improving security & compliance across websites

As a leader in the insurance sector, the company was facing increasing threats from bad bots targeting its websites. Common attacks, such as brute force login attempts, credential stuffing, and fake account creation, posed risks to both security and user experience. The company’s website was also targeted occasionally by scraper bots. However, the protection they were using against the bots was lacking in two critical areas: detection accuracy and compliance with European data regulations.

“We were using another solution, but it wasn’t compliant with our regulatory rules,” says their Security Consultant. “Additionally, it didn’t provide clear visibility into the nature and scale of bot attacks. We often had to make assumptions about potential threats.”

They went in search of a platform capable of meeting their stringent requirements.

The solution: A high-detection accuracy & GDPR-compliant platform

After an in-depth benchmarking process, the company selected DataDome for its superior detection capabilities, real-time protection, and compliance with European data privacy laws. “As a French firm, DataDome’s local presence and adherence to these regulations were significant advantages,” remembers the Security Consultant.

Implementation began with a proof of concept, followed by a pilot phase that delivered immediate results. “During the pilot, we identified an attack that our other security tools couldn’t detect or block,” he says. “This convinced us that DataDome was necessary to protect our digital presence.”

DataDome’s platform was deployed across the organization’s critical endpoints, particularly the login and account creation interfaces, which were the main targets of bot attacks. The integration process, though complex due to a diverse technology stack, was successfully managed with support from DataDome’s dedicated team.

The results: Improved visibility of threats, time savings, & no more bots

Once DataDome deployed, the company saw a significant improvement in its bot management capabilities. The platform was able to detect and block malicious bot traffic in real time, protecting critical endpoints from brute force attacks, credential stuffing, and scraping attempts.

“DataDome gave us visibility into threats we hadn’t seen before,” says the Security Project Manager. “It’s reassuring to know we can now detect and block attacks in real time.”

The solution also enabled the insurance group to meet strict European regulatory requirements, such as GDPR, thanks to DataDome’s fully compliant solution. Moreover, the improved visibility provided by the platform enabled their teams to refine their security strategy based on the scope of bot activity. The security team is pleased with the collaboration with the DataDome team: “Their SLA response time has been excellent.”

Today, the organization continues to expand DataDome’s coverage across its digital properties, ensuring consistent protection and compliance.