DHI Group runs 100% in AWS. We provide a job recruiting platform for technical candidates and businesses in the United States as well as Europe and Asia-Pacific. AWS helps us deliver features to customers more quickly and reduce data center costs.
When I joined the company about two years ago, we were at the end of a three-year AWS migration plan. Our development teams were operating in a “free-for-all” state, building anything they wanted, however they wanted, with little security oversight. The attitude was simple: “Security is not my responsibility – that’s for the security team!”
The security team tried to implement guardrails to keep DevOps in check using a configuration monitoring tool along with another point tool that handled flow log analysis and network alerting. So many alerts were generated that it was nearly impossible to use them to draw meaningful conclusions and prioritize remediation. Ultimately, security was overcome by “alert fatigue,” and the point products caused more harm than good.
A Better Way: Enter Prisma Cloud
We sought a replacement that combined configuration analysis and network analysis – and more importantly, data correlation and context – to reduce the number of security alerts and allow the security team to prioritize threats that really matter. We chose Prisma Cloud after reviewing several products. It’s easy to deploy, agentless and took just 5 to 10 minutes to set up and get running.
Here’s why we picked Prisma Cloud:
Catalyst to Cultural Transformation
In the past, when something would break, it was difficult and time-consuming for DevOps to track down what went wrong. Prisma Cloud’s AWS CloudTrail history allows DevOps to easily identify exactly what changed, when it changed and who changed it.
Changing Bad Habits
Most of our developers and engineers didn’t know much about configuring AWS securely. Prisma Cloud enabled us to clearly communicate our standards across the organization through its guided, automated remediation capabilities. That allows developers to “learn as they go” without feeling they were doing extra work.
Instilling Community
DHI’s developers are spread across the globe. While the security team has good relationships with developers who work alongside us in our home office, we had very little contact developers working remotely and in branch offices. This made it nearly impossible to enforce security standards. The culture shifted after we implemented Prisma Cloud. We now have security chat rooms where teams can share best practices and ask for help in real time.
Prisma Cloud has helped reduce the volume of required follow up activity. There’s a sense of accountability. Developers know that if they don’t build securely in AWS, they will be required to go back and fix their mistakes. I can confidently say that security is no longer an afterthought. We’ve been able to “shift left” and bake security into the development process.
Outcomes
We achieved security and business improvements after moving to Prisma Cloud. Here are three significant ones:
- Winning Trust With Stakeholders: When I talk to the board of directors, they want to know about breaches across our industry, exposed S3 buckets or other vulnerabilities that are reported. They ask me if we are protected against such issues and how we would know if we were affected. Prisma Cloud makes it easy for me to demonstrate that we have visibility into these resources and would know almost instantly in the event of an exposure.
- Maintaining Continuous Security Posture: In the past, our security posture was always continually getting worse. As we built more in AWS, we were slowly digging ourselves into a bigger security hole. Now, we fix problems as they arise. It’s a “clean as we go” mentality.
- Enabling Security Automation: When you start building infrastructure as code, you quickly see the security issues that arise. Your first question then becomes, “How do we automate the remediation of these?” Implementing a tool like Prisma Cloud will be your first step in enabling an automated cloud security strategy.
When Dev and Sec Teams Unite
I have watched our company culture transform over two years. The security team went from being siloed and excluded from engineering and architecture discussions to being a critical part of those discussions and, in some cases, leading them.
My belief is that there is pretty much always a way to build something securely, and I hesitate to ever say no to anything. Prisma Cloud provides the visibility and actionable intelligence required to protect your cloud data and your business.
Want to try it out yourself? Sign up for a 30-Day Free Trial.
The post From ‘DevOps vs. SecOps’ to DevSecOps appeared first on Palo Alto Networks Blog.