Case Study

Prisma Cloud Provides Visibility and Control to Confidently Secure Funding Societies’ Cloud Transformation


In brief

Customer

Funding Societies

Industry

Financial Services

Country

Southeast Asia


Challenge

Secure the company’s multi-cloud resources and workloads, meet strict compliance, and scale security operations to support rapid business growth.

Answer

Prisma Cloud by Palo Alto Networks enables Funding Societies to identify and manage its distributed, cloud native resources within acceptable risk tolerance and cost margins while effectively fulfilling business goals and regulatory requirements.

Results
  • Improves security governance, closes gaps, and reduces the potential attack surface
  • Provides 100% visibility of multi-cloud estate through agentless implementation
  • Supports DevSecOps procedures without interruptions to operational and production access
  • Provides a holistic view of risk and vulnerabilities without multiple single-focus security tools and agents
  • Reduces the volume of alerts by 80%
  • Provides meaningful guidance on remediation that can easily be assigned to security engineers or DevOps/ DevSecOps
Download PDF Share


quote

I am a big believer in bringing risk down to acceptable levels and within acceptable cost parameters. However, cost always involves time and effort—and based on this sort of cost-benefit analysis, Prisma Cloud comes out on top for the features it provides out of the box that can be put to use almost immediately. The platform instantly consolidates and reduces risk, saving valuable time and resources in the process.

Shakthi Priya Kathirvelu, Head of Information Security, Funding Societies

Securing the Data Center of Tomorrow

To drive a successful cloud transformation, Funding Societies rooted its journey in the basic principles of people, process, and technology.

The company zeroed in on the people aspect first, looking to source the right talent to support the cloud-centric workloads that now needed to be secured. The security team needed staff who could help decipher the shared responsibility model with cloud service providers (CSPs) and navigate the ever-evolving, nascent cloud ecosystem.

Next came process and technology elements. Like Maya Angelou said, “If you don’t know where you’ve come from, you don’t know where you’re going.” This statement rings true with the Funding Societies security team. Before the consideration of new processes and tooling began, the team outlined, in detail, the business problems and use cases they needed to address in the move to the cloud. This guided each demo and vendor conversation, helping to map what each solution can fulfill and to what degree of precision and accuracy

Two Key Use Cases and a Multi-Cloud Strategy

Funding Societies started its cloud migration with a single account in Amazon Web Services (AWS®). All workloads and resources were running in one place, accessible by the entire team. The organization was growing rapidly, though, and quickly adopted a multi-account architecture. They knew the exponential growth would become unmanageable without a shift in strategy. Funding Societies was using native security tools from the CSPs, but each offering came with a different set of security standards and best practices.

When the company opted for a multi-cloud environment and strategy to meet developer preferences and drive more cost-effective innovation, the native CSP offerings failed to completely satisfy key security needs for cloud security posture management (CSPM) and cloud workload protection (CWP). The security team needed a better way to monitor the overall cloud security posture as well as help bridge the divide between security and DevOps in the development cycle.

quote

Prisma Cloud is the most complete and consolidated solution in the market. There is no comparison point with other vendors considering all that Prisma Cloud provides in a single, integrated platform.

Shakthi Priya Kathirvelu, Head of Information Security, Funding Societies

Risk Management in a Single Integrated Platform

Funding Societies wanted a security platform that could deliver cloud native security wherever it was deployed. Prisma Cloud was an easy decision. The Cloud Native Security Platform offers a complete and consolidated set of functionality, including automated asset inventory, threat detection and response, multi-cloud vulnerability monitoring and prioritization, and continuous compliance monitoring and reporting. The security team now had a single application to manage all risks across all layers of its architecture.

In particular, Prisma Cloud Defenders provides comprehensive, early detection of security issues for easier and quicker remediation. Although Funding Societies usually prefers to methodically implement security in small steps, Prisma Cloud quickly proved its worth and is now fully deployed within the AWS production environment. Funding Societies uses its own infrastructure as code (IaC) and was able to automate the deployment of Prisma Cloud in its environment using its existing IaC scripts.

Once deployed, the quality of reporting on vulnerabilities was easy to scale to meet the needs of all the development groups. Upon the completion of a scan, the results from Prisma Cloud integrate directly with the security dashboard in Atlassian Jira®, which helps the company with achieving regulatory compliance as well as automating the metric-driven Open Security Issues (OSI) report.


quote

Prisma Cloud provides us with the visibility and control to confidently secure our cloud transformation. Beyond visibility, the integration of features set Prisma Cloud apart. It’s not ideal to manage five, ten, or more security tools. One consolidated tool is easier and far more cost-effective.

Shakthi Priya Kathirvelu, Head of Information Security, Funding Societies

Complete Security and Compliance Coverage

Using Prisma Cloud, Funding Societies was quickly able to protect its cloud infrastructure according to best practices and establish security controls for the entire stack, including:
  • Monitoring the ECS and container runtime environment for suspicious behavior and ensuring that containers don’t drift against their originating images.
  • Ensuring that security and compliance best practices are continuously applied.
  • Protecting sensitive customer data as well as identifying and preventing breaches in real time.
  • Maintaining complete and deep cloud visibility spanning vulnerabilities, misconfigurations, malware, lateral movement risk, and weak and leaked credentials.
  • Aggregating alerts to help prioritize investigation and remediation efforts.
  • Achieving complete coverage across a multi-cloud infrastructure.
Overall, Prisma Cloud has helped Funding Societies elevate its security posture, better understand gaps in regulatory compliance requirements, and address these gaps in a timely manner.

To learn more about Prisma Cloud, visit paloaltonetworks. com/prisma/cloud.