IT Brief Australia - Technology news for CIOs & IT decision-makers
Story image

Aqua Security on how to navigate the Cloud’s complexities

Fri, 8th Dec 2023

Enterprises are building, deploying and managing modern applications in cloud computing environments. By adopting cloud technologies, they can build highly scalable, flexible and resilient applications that can be updated quickly.

Cloud native technologies support fast and frequent changes to applications without impacting service delivery. They help industries to increase efficiency, reduce costs and ensure availability of applications to meet their customer demands.

With all the benefits the cloud has to offer, it also introduces a new set of challenges, particularly for industries where security and compliance are priorities.

When PPRO and Spotnana, influential companies within the fintech and travel sectors, needed to prioritise their security and regulatory compliance, they turned to my company for a solution.

The growing complexity of their environments, the numerous alerts hindering their ability to effectively monitor and mitigate vulnerabilities and the mounting concerns around keeping speed and agility in the DevOps team while ensuring security were only a few of the challenges each was looking to resolve. 

PPRO (pronounced 'p-pro') is at the forefront of the fintech industry, providing banks and businesses with a globalised digital payment infrastructure. PPRO's secure and unified payment platform grants customers access to card schemes, payment methods, fraud screening tools and other robust capabilities.

These tools empower users to conduct quick transactions, enhance checkout conversions, and streamline services via a single connection. PayPal, Stripe and GlobalPayments are just a few of the businesses that rely on PPRO.

As a global payment provider, PPRO adheres to stringent regulations spanning various industries and countries. Looking for a complete cloud native solution to help balance the multiple workloads and environments, PPRO chose us to protect and monitor their customers' payment platforms, ensuring end-to-end visibility, speed, and compliance. 

Our solution bridges the gap between PPRO's developers and management to prioritise vulnerabilities and streamline remediation efforts.

PPRO's security team can now collaborate to address and resolve discovered vulnerabilities, whether that means fixing them immediately, monitoring for malicious activity at runtime, or flagging the non-compliant resource. By scanning for secrets hidden below the surface of PPRO's platform, our product has transformed PPRO's operational hygiene. 

Time savings proved evident during the Log4J and Spring4Shell vulnerabilities. The first instance occurred before PPRO's deployment of our tech, while the second vulnerability was detected shortly after the implementation.

In response to the first CVE report, PPRO's security team took immediate action, developing and testing writing scripts to run against all known repositories – a task that consumed hours of effort.

Since the implementation of the defence platform, PPRO's security team receives instant notifications and gains clear visibility into all affected applications via the dashboard. What used to take hours or days of research and remediation now only takes a matter of minutes. Our cloud native protection platform provides PPRO with a competitive advantage in the financial services sector respectively.

A new call-to-action

Spotnana is a global travel-as-a-service platform redefining corporate travel with personalised and cost-effective offerings. Spotnana provides cloud-based travel solutions to bring simplicity and trust to adventurers worldwide.

Leveraging cloud computing, microservices and open APIs, Spotnana drives innovation in the travel industry. Corporations, agencies, suppliers and technology providers using Spotnana's platform can deliver travel experiences smoothly to connect people from all around the world.

To establish trust with its customers, Spotnana must secure the cloud native technology that powers its transformative travel-as-a-service platform.

Built on AWS Fargate, Spotnana assumes responsibility for the security of their cloud native applications, including video and runtime. Gabriel Alexandru, Senior Security Engineer at Spotnana, emphasised key concerns in the company's security posture.

"We were building the security function from the ground up and lacked telemetry and protection on our AWS containers," he said. "Without forensic evidence of what was happening on those containers, we couldn't harden runtime and certainly couldn't prevent anything from happening at runtime."

Spotnana needed cloud native protection that would fit into its existing tools and workflows, ensuring end-to-end protection from development to runtime.

My company's tech emerged as the optimal solution to secure Spotnana's travel-as-a-service platform with AWS Fargate. Its platform provides essential telemetry, runtime hardening, and comprehensive cloud-native security across the entire application lifecycle.

Seamlessly integrating into Spotnana's DevSecOps workflows, our technology brings dynamic threat analysis, container protection and detection of malicious behaviour into their security landscape. With effortless scalability, accurate threat detection, and Kubernetes expertise, it delivers unmatched value for the Spotnana platform, its security team, and its customers.

Spotnana intends to further leverage the technology's' features and values our company's valuable research and educational content, which keeps them informed of the latest threats. With such support, Spotnana maintains a secure infrastructure while cultivating innovation and delivering exceptional travel experiences.

In navigating the complexities of the cloud, the stories of PPRO and Spotnana highlight the pivotal role our technology plays in enabling organisations to harness the full potential of cloud native technologies while addressing the unique challenges they bring.

As cloud computing continues to reshape industries, security and compliance remain paramount concerns. PPRO's journey illustrates how our security facilitates the seamless integration of security into DevOps workflows, transforming operational hygiene and reducing response times to vulnerabilities.

Spotnana's experience highlights how we empower companies to build trust by securing cloud native environments and ensuring end-to-end protection. 

Both stories exemplify the ability to not only safeguard critical assets but also drive innovation and enhance the delivery of exceptional customer experiences in the cloud era.

The technology is not merely a solution but a strategic partner in navigating the cloud's complexities, safeguarding enterprises, and propelling them towards success in the ever-evolving digital landscape.

Forrester Consulting recently examined the Total Economic Impact (TEI) and the return-on-investment (ROI) that enterprises may realise by deploying my company's solution. Dive into the new study to learn how to achieve 207% ROI along with other quantifiable benefits of using our platform.  

Follow us on:
Follow us on LinkedIn Follow us on X
Share on:
Share on LinkedIn Share on X