Security
Travel and Transportation

Booking.com achieves first-class security with unified data platform powered by Elastic

Download the pdf

Boosts security

With Elastic, Booking.com can maintain first-class performance of security systems used by its cybersecurity, fraud, and compliance teams.

Reduces fraud

Booking.com uses the power of Elastic to detect and prevent fraudulent activities effectively.

Increases efficiency

With Elastic, Booking.com tripled the volume of data it ingests while platform management has decreased from four full-time engineers to the equivalent of half an engineer.

Video thumbnail

Global travel platform makes journey to the cloud, protects against cyber-attacks, and reduces fraud with Elastic Security and Observability

If you've reserved a hotel, flight, or rental vehicle in the past few years, there's a good chance that you planned the trip with Booking.com, the largest online travel agency in the world. The Amsterdam-based platform enables customers to organize their journeys from the moment they exit the front door to the moment they return. This includes the opportunity to book from 28 million listed accommodations including established hospitality brands and entrepreneurs of all sizes.

To protect revenues and reputation in this highly competitive marketplace, Booking.com relies on the non-stop availability and integrity of its IT applications and infrastructure. These include security and other systems that generate massive volumes of logging data, and include observability data used to monitor performance and fix errors before they impact the customer experience.

Much of the responsibility for system resilience falls to Gabriel Vignolo, Group Product Manager, Booking.com. "Part of our role is to protect multiple security domains within the business. They include our cybersecurity, fraud, and compliance teams. We depend on comprehensive monitoring and diagnostics with Elastic to meet availability and security KPIs," he says.

Reliability and speed are also priorities. David Ponessa, Senior Site Reliability Engineer, Booking.com, says, "While our previous workflows delivered a satisfactory outcome, we needed a faster, more unified observability solution that aggregated data at a central location and could also be accessed by security teams across the business."

A first-class flight to the cloud

Booking.com was already using Elastic for standalone projects in several departments and Vignolo saw the potential to expand its role across the business. "We did look at other observability solutions, but in our opinion, they were too slow and expensive for the volumes of data that we need to monitor. We much preferred Elastic for its scalability and its ability to grow as fast as we need," he says.

Vignolo and Ponessa consulted closely with security stakeholders across the business to ensure that Elastic met their requirements. They also called on experts from the Elastic Consulting team who helped bridge the expertise gap that Booking.com didn't have time to acquire themselves. This included their dedicated technical account manager and solution architect, who recommended Elastic Cloud for autoscaling, frozen data tiers with searchable snapshots, and cross-cluster replication and search.

"Moving to the cloud is a complex undertaking but the Elastic Consulting team took time to understand our goals and worked closely with Booking.com engineers to complete the migration to the satisfaction of our stakeholders."

– Gabriel Vignolo, Group Product Manager, Booking.com

Today, Booking.com's relies on Elastic Observability to defend the business against threats including account takeovers, SQL injections, malicious URLs, and unwanted bot traffic. Through the comprehensive insights offered by Elastic Observability, the security teams can effectively identify and prevent fraudulent behavior.

Clear directions from a detailed roadmap

In the past year, Booking.com's Elastic platform has grown from 35 terabytes a day to ingesting 100 terabytes every day, from 70 to 100 data streams. "As well as security, Elastic Cloud also boosts our overall efficiency. We've more than tripled the amount of data that we ingest, but we've gone from four full-time engineers monitoring the platform to the equivalent of just half an engineer every week," says Ponessa.

This rich source of information enables security teams to add use cases quickly and strengthen defenses across the organization. Kibana dashboards also play an important role, visualizing data, identifying trends, and alerting engineers to errors.

Booking.com can measure these advances using its NIST Cybersecurity Framework score, a set of guidelines published by the US National Institute of Standards. "Elastic supports our efforts to increase our NIST standing, which boosts confidence within the organization and with our partners," says Vignolo.

When it comes to Elastic's roadmap, Booking.com is keen to make further use of AI features that will help drive the operations of its complex data platforms while reducing operational costs. Ponessa and Vignolo also meet with their Elastic colleagues every month who offer advice and explain new features that could be valuable to the business.

Taken together, these activities help maintain Booking.com's position as the world's largest online travel agency in the wake of the Covid-19 pandemic. Consumer tastes have altered as have the services offered by airlines, hotels, and private hosts, but the business remains healthy, making data-driven decisions to attract a new generation of travelers.

"We're very excited about the future of Booking.com with Elastic. We see the potential of AI to streamline the management of complex platforms while serverless computing will help us to further reduce cost and risk. Above all, Elastic protects our brand with an integrated security solution that automates data gathering, analysis, detection, and response."

– Gabriel Vignolo, Group Product Manager, Booking.com