Strengthening Global Recruitment Brands with Unified Web Security

A global recruitment leader strengthened compliance, visibility and protection across dozens of digital assets.

As a major force in global staffing and talent solutions, this organisation operates multiple specialist recruitment and MSP brands across the UK, North America, Australia, the Middle East, Asia Pacific and Europe. Many of these brands are household names in their sectors.

Supporting millions of jobseekers, the business manages a vast and complex digital estate: recruitment websites, CV databases, payroll platforms, mobile apps, cloud-based file-sharing systems and multi-site infrastructure. Safeguarding this environment is essential, not just for operations, but for client trust and regulatory compliance.

The Challenge

With more than 25 websites and two data centres, the organisation was committed to strengthening security while ensuring compliance with international privacy laws and GDPR principles such as:

Privacy by design
Breach notification
Subject access requests

They required a cyber security platform capable of protecting their brands from sophisticated web application attacks and rising DDoS threats. At the same time, they needed a comprehensive penetration testing programme to validate readiness and uncover hidden risks.

Their objective: protect their extensive global estate while streamlining operations for IT and security teams.

The Solution

During a wider cloud migration into Microsoft Azure, the organisation conducted successful tests that paved the way for a new, fully managed Oracle Dyn Web Application Firewall and Anti-DDoS solution.

The deployment was challenging due to Azure’s handling of encrypted web sessions and load balancing. However, the feature-rich Dyn Cyber Security Suite provided advanced functionality that allowed the team to:

Add geo-load balancing for improved handling
Protect 27 production assets, including websites, APIs, portals and CRM systems
Apply tailored security policies to each site
Manage over 50 live and test domains
Reduce traffic strain with dynamic caching

During early monitoring, security telemetry revealed high volumes of malicious bot traffic consuming substantial resources. The platform now handles 60 million requests per month and transmits 0.7TB of data, all while reducing strain on origin servers by 77%.

Security management is now streamlined through centralised rule tuning, offering customisation across brands that was previously impossible.

Cost-Effective Enterprise-Grade Protection

Access to next-gen cyber security capabilities at a leading price point.

Instant Response Readiness

With 24/7 SOC support and a refined operations playbook, the organisation can test and respond to incidents at any time.

Simplified Deployment & Continuous Testing

Automated penetration testing is embedded into onboarding, ensuring ongoing validation.

Advanced Bot Management

The JavaScript Challenge revealed that 87% of blocked traffic was bot traffic, with over 50% malicious, including content scrapers.

File Upload Protection

AV scanning across the network now prevents malware from entering through job-related uploads.

“Babble has helped simplify an extremely complex deployment for us.Now that we are fully operational with the suite, and automated WAF rule policies applied, I find that I rarely need to log into the management console.As a result of the project, we are now OWASP 2017 compliant, safe in the knowledge that we are protected from API attacks, bot traffic and web app attacks. Babble is always on hand to provide technical assistance when needed”

Enterprise Architect

Client organisation

Ready to get started?