Case Study
In brief
Global healthcare corporation
Healthcare
Healthcare equipment and devices
25,000+
Global
Securing a vast and complex cloud environment, including 40 AWS accounts, 20+ Kubernetes clusters, and 35,000+ containers, with real-time alerts and rapid response.
Prisma® Cloud by Palo Alto Networks secures cloud and AWS environments.
INTRODUCTION
CHALLENGE
REQUIREMENTS
With a vast array of applications and services running, the company needed a reliable system to detect and manage vulnerabilities, especially in Docker images. Vulnerability detection and management were crucial for maintaining the integrity and security of their applications.
The company’s existing DevOps processes and infrastructure demanded a security solution that could integrate seamlessly without disrupting ongoing operations. The integration was a vital requirement for the organization to maintain workflow efficiency and security.
The ability to receive immediate alerts on security issues and the capacity for quick response and remediation were essential. The company needed a system that could not only identify problems but also facilitate swift resolution.
Given the scale of the company’s operations, a user-friendly interface for managing the security platform was essential, as it would ensure ease of use and efficiency for the engineering and IT teams.
As a large enterprise, the healthcare company required a security solution that could scale with its growing and evolving cloud infrastructure. Flexibility in adapting to different environments and requirements was also key.
SOLUTION
The company chose Prisma Cloud by Palo Alto Networks for its extensive capabilities in cloud security. The platform was hosted on AWS and supported by a dedicated team, including key personnel like their automation engineer.
Prisma Cloud enabled the company to monitor the health of its Kubernetes clusters and scan images for vulnerabilities. The platform’s ability to detect and alert on security nonconformances played a crucial role in maintaining the integrity of their cloud infrastructure.
Prisma Cloud was integrated into the company’s CI/CD pipelines, enhancing the security of the development process. The CLI tool, a feature of Prisma Cloud, was instrumental in scanning Docker images and identifying vulnerabilities.
The company gained improved visibility and control over its cloud environments, regardless of their complexity. Prisma Cloud’s user-friendly interface and easy upgrade process were particularly beneficial.
The solution reduced runtime alerts and investigation times, enabling the security team to remediate issues within 20 minutes, down from hours.
The company uses Prisma Cloud to monitor over 40 AWS accounts for cloud security. Alerts are generated for vulnerabilities, such as unrestricted access to Amazon EC2 instances or publicly enabled AWS EKS cluster endpoints. This proactive approach to security, with alerts based on policy severity, significantly reduces the risk of data breaches.
For container security, the company self-hosts the Prisma Cloud console on the AWS EKS platform. Integrated with their Jenkins pipeline, it scans container images using the CLI utility. This process checks images for known vulnerabilities against the National Vulnerability Database (NVD), ensuring secure container images and reducing the risk of breaches.
Prisma Cloud provides full visibility into all cloud assets and simplifies compliance reporting. The alert rules identify alerts and direct them to the appropriate team, saving significant time otherwise spent segregating alerts and audit reports. Each alert comes with remediation steps and a detailed description, which give a basic understanding of the alert and allow for quick resolution.
The security team found Prisma Cloud to be an effective and user-friendly solution. The technical support from Palo Alto Networks is responsive and helpful, ensuring minimal downtime during issue resolution.
BENEFITS
CONCLUSION