Committed to providing the best mobile gaming experience possible for its community of online gamers, LeoVegas has in a few years become the mobile gaming industry’s fastest growing company. Founded in 2011, LeoVegas offers sports betting, dozens of slots, casino and live table games to more than 4,000 players each day. Committed to providing the best mobile gaming experience possible for its community of online gamers, the company has an investment in providing an enjoyable user experience and uninterrupted service to gaming enthusiasts.
LeoVegas was looking for a solution to maintain a high level of security and continue to improve availability and performance of its popular website. Read our case study to find out why LeoVegas chose Incapsula for its global mobile gaming operations.
Distributed denial of service (DDoS) attacks are an ongoing problem for online organizations and companies that have a significant online presence. Websites representing banks, schools, hospitals, and even government agencies have all felt the brunt of a disruptive DDoS attack through invasive malware.
Gaming sites in particular are a favorite target of DDoS attacks because of their sensitivity to latency or down time. A slow sports betting website, for example, can lose customers to its competitors. Hackers also target avid gamers who turn to social media to voice their frustration, giving hackers the celebrity they seek.
Although LeoVegas had yet to be targeted in such a way, it was clear to the operations team that website security and reducing the risk of a future DDoS attack were two key business requirements.
“Our website is our business,” said Manuel Fuentes, head of security at LeoVegas. “From a player experience standpoint, it’s critical that we have uninterrupted uptime. If there is a service disruption or a login delay, our players will take their money and play at one of our competitors.”
Fuentes and his ops team sought a full-service preemptive security solution that could defend against any sort of DDoS attack. He was also on the lookout for an operational system to provide better visibility into LeoVegas’ traffic patterns for marketing purposes.
After looking for an equitable solution to his site’s needs, Fuentes decided the team at Imperva Incapsula offered the most practical and effective solutions. A trial evaluation turned up some issues related to SSL certificates during the onboarding process. These issues were identified and quickly resolved by the Incapsula support team.
“Looking back,” said Fuentes, “dealing with this glitch was a very beneficial experience as it showed us how quickly the Incapsula team reacts to problems. In addition, our IT team learned about what could go wrong technically and how to revert to previous settings when needed.”
LeoVegas is currently using the Incapsula service in its production environment to accelerate and protect the company’s website. All traffic is routed through the Incapsula network, which automatically identifies and filters out DDoS attacks, malicious bots and any other malware activity.
Since deploying Incapsula services, including content delivery network, web application firewall (WAF) and always-on DDoS protection tools, LeoVegas has seen a noticeable improvement in website performance.
Beyond the security benefits Incapsula WAF also lets LeoVegas analyze its traffic. The company now has a granular view of website traffic that is differentiated by human visitors and automated bots. With this insight, the LeoVegas marketing team can optimize its affiliate-based campaigns.
The results of onboarding Incapsula
With Incapsula, LeoVegas has seen the following:
Enhanced security –Incapsula WAF offers out-of-the-box always-on protection against DDoS attacks and blocks exploit attempts
Better visibility into website traffic – The LeoVegas marketing department has a highly granular view of human, good bot and bat bot traffic patterns allowing them to plan marketing activities accordingly
Improved performance – Incapsula CDN caches content in data centers close to LeoVegas’ players, accelerating response times as well as reducing bandwidth costs
Standards compliance – Incapsula WAF is Level 1 PCI-certified, with auditing and reporting capabilities as required in various markets