16K
number of games accessible to B2C operators
21K
transactions per second that need to be secured
0
critical cybersecurity issues identified
Global iGaming aggregator leverages Continent 8’s Vulnerability Assessment and Penetration Testing (VAPT) cybersecurity services to securely connect B2C operators to over 16,000 games from more than 160 providers.
The customer
Alea is an award-winning leader in the field of online gaming, with a decade of experience in the industry. Alea aggregation platform handles over 21,000 transactions per second, with bank-level security, full regulatory coverage and local insights that helps their customers move faster in markets like Brazil, South Africa, Spain and beyond.
Alea is one of the industry’s most rapidly expanding game aggregators. By utilising a single API integration, Alea offers customers access to over 16,000 games from more than 160 providers, simplifying technical complexities and enhancing operational efficiency. The security and reliability of these game APIs and integrations are vital to Alea’s operational integrity.
To address the evolving cybersecurity challenges associated with a rapidly growing network, Alea engaged Continent 8 to conduct a thorough assessment and evaluation of their cybersecurity framework through a comprehensive Vulnerability Assessment and Penetration Testing (VAPT) service.
The challenge
Alea’s coding platform comprises over 100 microservices leveraging diverse technologies, databases and queue systems, presenting a significant technical challenge in securing all connections. Additionally, Alea processes over 21,000 requests per second, necessitating the demonstration of successful transaction management. With a complex aggregation platform, Alea aimed to ensure and demonstrate their status as a secure and robust game aggregator provider.
The solution
Continent 8, along with its specialised cybersecurity division, C8 Secure, conducted the cybersecurity audit. They employed their Vulnerability Assessment and Penetration Testing (VAPT) service to perform a thorough security evaluation of Alea’s entire digital infrastructure, providing a complete view of their attack surface area.
The benefits
The VAPT service from Continent 8 and C8 Secure enabled Alea to safeguard their API, code and services against vulnerabilities such as broken authentications, cross-site scripting (XSS), sensitive data exposure and SQL injection. As a result, the cybersecurity audit identified no critical issues within their aggregation platform.
Project conclusion
The comprehensive VAPT assessment allowed Alea to detect potential internal and external IT vulnerabilities, enabling them to prioritise and implement security improvements to reduce risk exposure, thereby assuring their customers of a secure and reliable platform.
Patrick Gardner, Chief Security Officer at Continent 8, presenting Eduard Fumás, Chief Technology Officer at Alea, with their VAPT completion certificate.
Eduard Fumás, Chief Technology Officer at Alea said, “At Alea, security is at the core of everything we do. Our commitment to creating a secure, robust and scalable API solution sets a new standard in the iGaming industry, where data protection and system integrity are critical. Partnering with Continent 8 has been an important step for us in proactively safeguarding our platform and reinforcing the trust our partners place in us. This collaboration ensures that we continue to deliver a reliable, secure API experience to our clients. We’re proud to work with a partner that shares our dedication to cybersecurity excellence.”
Patrick Gardner, Chief Security Officer at Continent 8 said, “Alea’s three principles of security, scalability and robustness resonate with Continent 8. Given the number of APIs Alea is using, their proactive approach to assessing their business and guaranteeing security for its partners is imperative.
“It’s great to be supporting Alea; we encourage all businesses in this industry to take the cybersecurity threat seriously.”