Scaling Enterprise-Grade Security Operations

Project Details

Client

Link11

Industry

Cybersecurity

Engagement Type

Managed infrastructure and security

24/7
2023 - Present

Every result here started with a conversation

Book a Call

Scaling Enterprise-Grade Security Operations

Post by BlueGrid.io Content Team
Reading time: 5 minutes

Background: A 5-Year Security Operations Partnership

Our collaboration with Reblaze began over five years ago, when the company was rapidly scaling its enterprise cybersecurity platform. As customer demand for always-on protection increased, Reblaze needed a dedicated Security Operations Center (SOC) capable of delivering 24/7 monitoring, fast incident response, and deep platform expertise.

BlueGrid.io was engaged to design, build, and operate a fully dedicated SOC – not as an external monitoring add-on, but as a true extension of Reblaze’s security organization.

Over the years, this partnership matured into a long-term operational model that supported platform growth, enterprise customers, and high-pressure security events – while remaining stable through one of the most significant moments in the company’s history.

In 2023, Reblaze was acquired by Link11.

2023 – 2025: Transition Without Disruption

Link11 acquired Reblaze in 2023 as part of its strategic expansion in application security and DDoS protection.
For security operations, this kind of transition typically introduces risk: organizational changes, tooling evolution, new processes, and increased platform complexity.

For Link11 and its customers, continuity was critical.

As the new leadership noted, the partnership quickly proved to be a continuing success story they inherited through the acquisition – and one they have since deepened. BlueGrid.io’s teams today support the organization across cybersecurity, development, and financial operations with a level of dedication and expertise that allows internal stakeholders to stay focused on product innovation.

Thanks to the existing SOC structure and deep platform knowledge, security monitoring and incident response continued without interruption throughout the acquisition and post-acquisition phase.

In 2025, Link11 introduced the Link11 WaaP platform, an advanced Web Application Firewall designed to deliver improved scalability, expanded protection capabilities, and enterprise-grade resilience against evolving threats. BlueGrid.io’s teams adapted their operational model to support this next stage – without losing the rigor built over the previous five years.

Evolving the SOC Model for 2025

As the platform and organization evolved, so did the security operations structure.

Rather than expanding complexity, the focus in 2025 was refinement: maintaining the same level of protection, response quality, and customer confidence – with a more streamlined team setup.

Current Security Operations Structure

  • Core Security Operations Team
    Senior analysts responsible for platform-wide oversight, coordination, and quality assurance.
  • 24/7 Monitoring Across Time Zones
    Continuous coverage ensures early detection and real-time response regardless of attack timing.
  • Tiered Operational Teams (T1-T3)
    • T1 & T2 teams handling continuous monitoring, alert triage, and incident classification
    • T3 engineers focused on complex incidents, advanced mitigation, and high-priority customer environments

While the structure was slightly reduced and optimized, the scope of responsibility remained the same: comprehensive monitoring, fast reaction, and deep technical involvement during active attacks.

The result: a leaner model that still delivers enterprise-grade security outcomes.

Supporting Platform Visibility & Customer Self-Service

Alongside security operations, BlueGrid.io also delivered a secure, multi-tenant NetFlow analytics and visualization platform for Link11, enabling customers to explore traffic data through branded, self-service dashboards while maintaining strict data isolation and operational simplicity for internal teams.

(This project combined ClickHouse-backed analytics, a multi-organization Grafana setup, and extensive automation to support fast onboarding, consistent dashboards, and enterprise-grade data governance.)

Beyond Security: Supporting Operational Reality

Following the acquisition, Link11 entered a new phase of growth that brought increased operational and financial complexity alongside technical scaling.

To support this transition, BlueGrid.io expanded its engagement by introducing a dedicated bookkeeping and financial support team. Working closely with Link11’s internal teams, we streamlined invoice workflows, strengthened receivables and payables tracking, and standardized key procedures, improving visibility, cash flow predictability, and reporting clarity.

By refining tracking and reconciliation processes and providing structured support during monthly and annual closings, we helped reinforce financial accuracy and operational efficiency.

This collaboration ensured that Link11 could continue scaling with confidence, supported by transparent, well-structured, and reliable financial operations.

2025 Operational Results: Security Under Sustained Pressure

Throughout 2025, the SOC teams protected the platform against a high volume of real-world attacks, demonstrating both resilience and consistency under pressure.

Key Outcomes

  • Dozens of confirmed security incidents handled across the year
  • Large-scale DDoS and DoS attacks reaching:
    • Tens of thousands of requests per second
    • Multiple incidents peaking at or near 100,000 RPS
  • Massive attack volumes, with:
    • Individual waves involving tens to hundreds of millions of requests
    • Multi-hour incidents exceeding billions of total requests
  • Advanced application-layer attacks mitigated, including:
    • SQL injection
    • Cross-site scripting (XSS)
    • Host header abuse
    • Directory enumeration
    • Aggressive automated scraping

These attacks often occurred in parallel, combining volumetric pressure with application-layer exploitation attempts.

Measurable Security Impact

  • 99 – 100% of malicious traffic is blocked in the vast majority of incidents
  • Zero service disruption for legitimate users during both short, high-intensity bursts and long-running attacks
  • Early detection, accurate classification, and real-time mitigation through:
    • Traffic analysis
    • Rule tuning
    • Active response by experienced analysts

This year-long performance highlights the team’s ability to adapt to evolving attack patterns, maintain stability under sustained load, and protect business-critical systems without compromise.

Ongoing Collaboration & What’s Next

The partnership with Link11 continues in 2025 with the same core principles that defined the original Reblaze collaboration:

  • Dedicated, product-aware teams
  • Continuous monitoring and rapid response
  • Operational flexibility during growth and change

In parallel, BlueGrid.io and Link11 are working on a platform migration initiative, which will be covered in a separate, dedicated case study.

Client Value at a Glance

For Link11 and its customers, the value of this long-term collaboration is clear:

  • Continuous security operations through acquisition and platform evolution
  • Enterprise-grade protection at scale
  • A trusted operational partner that adapts as the business grows
  • Reduced internal burden during high-pressure security and organizational transitions

BlueGrid.io Content Team

Three people pose together against a plain white background. The woman on the left is smiling with her hand on her hip, while the two men beside her stand closely, one in a hoodie and the other in a plaid shirt.

BlueGrid.io Content Team

BlueGrid.io Team is an editorial collective of engineers, practitioners, and contributors sharing insights across technology, operations, company culture, and the people behind the systems. Content is created through interviews, hands-on experience, internal collaboration, and editorial review, reflecting both how systems are built and how teams work together in real-world environments.

More from BlueGrid.io Content Team →
Share this post

Share this link via

Or copy link