Sydney Opera House website bot protection service

The Sydney Opera House (SOH) is seeking a qualified and innovative supplier to provide a comprehensive website bot protection service. As a globally recognised Australian icon and a bustling performing arts centre, the SOH aims to safeguard its digital presence while ensuring an exceptional user experience for millions of visitors.

About the Sydney Opera House

A globally recognised cultural institution, the SOH is an architectural wonder and one of the world’s busiest performing arts centres. The SOH attracts millions of visitors annually, hosts numerous cultural events, offers guided tours, and serves as a vibrant community hub.

Background—ensuring digital security

To counter online ticket scalping and fraud, SOH implemented website bot protection in 2018. However, they face challenges including vulnerability scanning, DoS attacks, and fraudulent account attempts. SOH needs an advanced solution to identify and mitigate malicious bot behaviour effectively.

General requirements—bot protection service

Qualified suppliers must protect our main domain and subdomains from various threats, including DoS attacks, account takeover, API abuse, and more. We require full website and dynamic area protection, minimal impact on load time, and configurable alerts. Differentiating between good and bad bots and minimising false positives are crucial.

Reporting requirements—bot protection service

Suppliers should provide comprehensive reporting on bot activity, including geographic location, number of requests, and suspected bad bot blocks. We need the ability to search for specific bots and track the most requested paths on the website.

Implementation, support, and training

The chosen supplier must provide dedicated support during deployment, configuration, and optimisation of the product. They should ensure seamless integration, minimise false positives through system tuning and ongoing maintenance, and maintain a strong line of communication with SOH teams to address any issues that may arise. The supplier must also provide user training.

Security and privacy requirements

All systems must meet  information security and privacy requirements, including multi-factor authentication.

The SOH bot protection service tender closes on 21 July 2023. Madrigal Communications is experienced in professional services tenders and technology tenders including IT and website development.