Case Study

Playtika shifts left – and shrinks development time, cost, and risk


Evidence of Playtika’s cybersecurity strategy success is everywhere. By standardising on a frictionless Palo Alto Networks portfolio, this leading global gaming company are transforming their security posture, agility, and efficiency. With Cortex XSOAR’s intelligent automation, security events have been managed using half the amount of people, and the mean time to respond (MTTR) has been cut from 3.5 hours to 45 minutes. The Cortex XSOAR chatbot is estimated to save analysts 15% of their time, and complaints about remote working connectivity have dropped from hundreds per month to tens. Additionally, shiftleft cloud security is helping Playtika create exciting, compliant video games more quickly and with less risk.


In brief

Customer

Playtika

Organisation Size

34 million monthly active users, 4,000+ employees

Industry

Entertainment

Featured Products and Services

Portfolio of entertainment games

Location

Herzliya, Israel


Challenge

Reliance on separate, siloed security platforms. Limited visibility delayed incident response and absorbed a significant number of scarce resources. Requirement to ensure development source code is accurate and secure.

Requirements
    • Modern, integrated cybersecurity platform.
    • Layer 7 capabilities to remediate any vulnerability.
    • Automated security and liberate resources.
    • Shift left, adopting security earlier in the lifecycle.
Solution

Palo Alto Networks portfolio, comprising ML-Powered Next-Generation Firewalls, Cortex XSOAR, Prisma Cloud, and GlobalProtect

Download PDF Share

CHALLENGES

Gaming thrills at every turn

Playtika has been a pioneer in the games industry for over a decade and has more than 34 million monthly active users. The Israel-based multinational organisation are continually adding innovative games with challenges and thrills at every twist and turn.

With customer numbers rising, new games being added, and business acquisitions closed, the organisation processes over 9 TB of data daily. Much of this is derived from gaming analytics, live operations, and performance marketing – and it all needs to be safeguarded. For example, production gaming servers need to be secure with clear visibility into who accesses which games and potential vulnerabilities.

With a relentless pace of gaming innovation, Playtika needs to ensure source code is accurate and secure – delays in this area could jeopardise the deployment of new games.

When a cloud-based gaming business is acquired, Playtika needs to monitor the infrastructure, applications, and data to ensure a safe cloud environment.

But Playtika’s lean security operations team were wasting time dealing with manual tasks – like investigating low-level alerts or dealing with false positives. For example: previously, the incident MTTR averaged 3.5 hours.


quote

We wanted a consistent, holistic approach to cybersecurity, using modern technologies like AI and automation to efficiently safeguard the organisation.

–Liran Sheinbox, Head of Cyber Security, Playtika

REQUIREMENTS

Secure gaming infrastructure

Playtika’s requirements were to:

  • Introduce a modern, integrated cybersecurity platform.
  • Use Layer 7 capabilities to remediate any type of vulnerability.
  • Automate security operations and free up resources for more strategic tasks.
  • Shift left, adopting security testing earlier in the development lifecycle.

SOLUTION

Leader of cybersecurity

Playtika have standardised on the Palo Alto Networks portfolio to prevent successful cyberattacks by using an automated approach to deliver consistent security across cloud, network, and applications.

“From my experience, Palo Alto Networks leads the cybersecurity industry,” says Liran. “The entire portfolio boasts best-in-class capabilities and frictionless integration – and it’s proven in the market to deliver on its promises.”

The portfolio includes:

ML-Powered Next-Generation Firewalls: Deployed in the data centre to defend instantly against zero-day threats. ML controls proactively learn from Playtika data to detect threats.

Cortex XSOAR: Enables an agile, consistent incident response. “XSOAR has been a huge success,” says Liran. “Playbook automation, for example, has transformed deployment across a vast number of security use cases.”

One innovation is the Cortex XSOAR chatbot. If an incident occurs, an automated decision tree determines the subsequent actions, with the chatbot notifying users of progress. Liran explains, “If someone requests a password reset, for instance, the bot asks, ‘Did you request this?’ If they didn’t, a new playbook launches to automate the security process.”

Prisma Cloud: Monitors cloud security posture, detecting and responding to threats. Playtika continuously look to expand their portfolio in the mobile gaming business. When a cloud-based business is acquired, Playtika can use Prisma Cloud to manage the security coverage while transitioning the cloud business to their on-premises environment. During this transition, Prisma Cloud provides continuous, automated monitoring that provides insights into assets, behaviours, and threats. Prisma Cloud provides complete cloud workload protection across hosts, containers, and serverless deployments – throughout the application’s code, build, deploy, and run stages of the lifecycle.

GlobalProtect: Previously, Playtika had multiple security controls on users’ endpoints. Conflicts led to an increasing amount of security “noise” and user frustrations. GlobalProtect replaces complex VPN controls with flexible, secure remote access for users everywhere using the Next-Generation Firewalls (NGFW).


quote

Palo Alto Networks connects our security strategy, fusing data across the organisation into one unified security architecture. The different modules continually talk to one another, intelligently automating processes and giving us the confidence we are protected.

–Liran Sheinbox, Head of Cyber Security, Playtika

BENEFITS

Transformational cybersecurity

From the firewalls and cloud security to orchestration and remote access, Playtika are seeing the difference Palo Alto Networks are making.


Security orchestration

  • Within six months of go-live, Cortex XSOAR was automating 50% of the average incidents logged per day with the same number of people. This percentage is expected to increase in due course, through playbooks and other automation. By liberating resources, Playtika can manage security operations without hiring additional headcount. The top-used playbook in Playtika revolves around the detection and remediation of phishing attacks. This playbook handles a specific case and automates the entire process to provide an analyst with the right data to mitigate the incident with a single click.
  • MTTR reduced from an average of 3.5 hours to 45 minutes.
  • XSOAR chatbot saves analysts 15% of their time. “The bot shows we are saving up to $5 million. Although we can’t rely on that figure, the bot is making a huge difference to our productivity. We class the bot as another member of the team; it’s that important,” says Liran.

quote

Without Cortex XSOAR, we’d need twice the number of people we have now to manage events.

–Liran Sheinbox, Head of Cyber Security, Playtika

Remote security

By transforming how 4,000 people connect remotely, Playtika have experienced an almost 100% drop in end-user connectivity complaints. “We used to receive hundreds of complaints a month – now it’s tens,” says Sheinbox. “The VPN performance and user experience are better because we’ve optimised our endpoint security solution.”


Cloud security

  • Playtika benefit from a faster return on their acquisition investments. The cloud security of an acquired organisation can be monitored “almost immediately” according to Liran, prior to being migrated to the on-premises environment.
  • Playtika can develop the next generation of innovative games faster. For example, developers benefit from unified protection across hosts and containers – regardless of their underlying technology or the cloud type. This capacity was exemplified by Prisma Cloud helping Playtika to quickly understand the impact of the Apache Log4j vulnerability and articulate a remediation plan, which gave a strong sense of relief.

quote

I’m a shift-left guy. With Palo Alto Networks Prisma Cloud, we can mitigate vulnerabilities earlier in the development lifecycle. This in turn helps us create exciting, compliant video games more quickly and at lower risk.

–Liran Sheinbox, Head of Cyber Security, Playtika

Read and discover the full details of Playtika’s SOC transformation journey. For more information on Palo Alto Networks.