Financial services · Sydney

Strengthening Application Security with F5 AWAF

Financial Sector

"With F5 AWAF, the organization significantly reduced attacks and improved overall application security and visibility."

Success Story: How SafeNet Helped an Australian Financial Services Company Strengthen Web Security with F5 Advanced WAF (AWAF)

Every organization assumes their applications are secure until attackers begin treating them as free penetration-testing targets.

That was exactly the situation facing one of our clients, a mid-sized Australian financial services provider operating multiple customer-facing web applications, internal portals, and REST APIs. Although they already had traditional firewalls and endpoint security in place, their applications remained exposed to increasingly sophisticated Layer 7 attacks.

The business was experiencing a growing number of automated login attempts, application-layer DDoS activity, aggressive vulnerability scanning, and repeated attacks targeting the OWASP Top 10. Security teams were spending countless hours investigating false positives while development teams worried that new security controls would negatively impact customer experience.

SafeNet was engaged to design and deploy a modern F5 Advanced Web Application Firewall (AWAF) solution that would improve security without disrupting production services.

Rather than simply enabling default security policies, our engineers began with a detailed assessment of the client's applications, traffic patterns, authentication workflows, and API architecture. Using F5 BIG-IP AWAF, we created application-specific security policies that reflected how each application actually behaved.

The implementation included advanced protection against SQL Injection, Cross-Site Scripting (XSS), Remote Code Execution, Command Injection, HTTP Protocol Violations, and the broader OWASP Top 10 attack categories. API traffic was protected using dedicated security profiles, while intelligent bot protection significantly reduced automated credential stuffing and brute-force login attempts.

One of the biggest challenges was minimizing false positives. Instead of deploying restrictive policies from day one, SafeNet operated the solution in learning mode, carefully analysing production traffic before gradually enforcing protection rules. This approach allowed legitimate business traffic to continue uninterrupted while malicious requests were progressively eliminated.

Within the first month of deployment, the client observed a dramatic reduction in malicious web traffic reaching backend applications. Automated attacks that had previously generated thousands of security events each day were blocked before reaching application servers. Login abuse decreased significantly, security alerts became far more meaningful, and the security operations team was able to focus on genuine threats rather than investigating noise.

Performance also improved. By filtering malicious requests at the application edge, backend infrastructure experienced lower resource utilisation during attack periods, helping maintain a consistent user experience even when internet-facing services were under heavy probing.

The project also strengthened the client's compliance posture. With detailed security logging, centralised visibility, and comprehensive reporting, the organisation was better prepared to demonstrate compliance with internal governance requirements and external security frameworks.

Today, the environment is protected by a fully managed F5 Advanced WAF platform designed, implemented, and continuously optimised by SafeNet. Security policies continue to evolve alongside new application releases, ensuring protection keeps pace with changing business requirements.

Business Outcomes

  • Significantly reduced exposure to OWASP Top 10 vulnerabilities
  • Successfully mitigated SQL Injection, Cross-Site Scripting (XSS), and application-layer attack attempts
  • Reduced automated Bot attacks, Credential Stuffing, and brute-force login attempts
  • Lower false-positive rates through intelligent policy tuning and behavioural learning
  • Improved visibility into Layer 7 threats with detailed reporting and analytics
  • Reduced operational workload for the security team
  • Enhanced protection for public-facing Web Applications and APIs
  • Improved compliance, governance, and audit readiness

At SafeNet, we believe that application security is not about blocking everything. It is about understanding how applications are designed to work, allowing legitimate users to access services without friction while ensuring attackers never make it past the front door.

Because in today's threat landscape, your Web Application isn't just another server. It's your business.

FS
Financial Sector
Financial services · Sydney