Swapcard is a leading event and community platform for virtual, hybrid, and in-person exhibitions and conferences. The company offers end-to-end technology covering event registration, engagement, and networking needs, all powered by advanced artificial intelligence.
In 2020, the Coronavirus pandemic forced Black Hat - organisers of the world’s largest cybersecurity events - to take its annual USA conference online. It was the first time this had ever been attempted, with huge potential risk around data hacking.
Swapcard was selected as the technology partner for delivering the event, and from the moment the project was initiated, security was obviously a top priority.
With just one month to go until Black Hat USA, Black Hat and Swapcard knew they needed help to ensure the platform was secure by design, and that they could effectively monitor web traffic during the event to look for suspicious activity.
Claranet instantaneously brought a wealth of security experience to our team in the short period before the event. They were committed to helping us feel confident in our platform's security, not selling us on fear. That's very different to how a lot of other cybersecurity providers operate."
Ronan Guiho, CTO, Swapcard
After meeting with Claranet’s solution engineers, the team decided to run penetration tests on Swapcard’s systems, and to implement Claranet’s Managed Detection and Response (MDR) service, which monitors internal and external traffic to identify malicious actors and quarantine threats.
Penetration testing – ensuring security by design
The Claranet team ran a number of pen tests, both on Swapcard’s SaaS platform and on their AWS cloud environment.
Obviously, the pandemic has been extremely significant for our business, but our partnership with Claranet has enabled us to capitalise on the disruption with the confidence to continue to strengthen our security posture.”
Ronan Guiho, CTO, Swapcard
“The web application test on their platform enabled us to ensure that delegate data was secure,” explains Alex Hunt, Managed Security Services Practice Lead at Claranet. “Our AWS test ensured that Swapcard’s environment was built in line with security best practices, which was important given the high-profile nature of Black Hat.”
Black Hat and Swapcard were immediately impressed with Claranet’s approach. Instead of running a pen test and presenting the results for Black Hat to work on themselves, Claranet’s specialists guided the team to increase the security of their platform.
Managed Detection and Response
Claranet’s Managed Detection and Response (MDR) service provided additional real-time analysis of security alerts generated by a best-in-class, highly available security incident and event management (SIEM) platform. The solution gives Black Hat access to Claranet’s experienced security analysts, who provide rapid investigation and response to security incidents, including a priority one SLA of just 15 minutes.
The scale of the traffic coming into Black Hat was ground-breaking in several ways. The USA conference was expected to generate around 5TB of data over the two-week period it was running – the same amount of data that Swapcard processed per month across its entire business at the time. Even the proof-of-concept was record-breaking.
Results and benefits
The most notable result of Claranet’s engagement with Black Hat was that there were no headlines about data breaches or hacks during Black Hat USA in 2020. This first virtual event went ahead with over 16,000 delegates attending, and it stayed secure.
The MDR team did find a threat, which was successfully identified and quarantined by the triage team.
The success of Black Hat USA 2020 has meant that Swapcard now use Claranet MDR to monitor all their events. This is at least part of the reason why Swapcard enjoyed 400% growth in 2020.