CloudPassage Enables Security for the Centrify DevOps Team with Vulnerability Assessment and Reporting, While Providing Compliance Reporting
公司规模
Large Corporate
地区
- America
国家
- United States
产品
- CloudPassage Halo
- Jenkins
- SaltStack
技术栈
- CI/CD workflow
- API Integration
实施规模
- Enterprise-wide Deployment
影响指标
- Cost Savings
- Productivity Improvements
- Digital Expertise
技术
- 应用基础设施与中间件 - API 集成与管理
- 网络安全和隐私 - 云安全
- 网络安全和隐私 - 安全合规
适用行业
- Software
适用功能
- 离散制造
- 质量保证
用例
- 网络安全
- 监管合规监控
服务
- 云规划/设计/实施服务
- 网络安全服务
关于客户
Centrify is a company that delivers Zero Trust Security through the power of Next-Gen Access. They verify every user, validate their devices, and limit the amount of access and privilege to resources while continually learning and adapting. Centrify's Next-Gen Access is the only industry-recognized solution that uniquely converges Identity-as-a Service (IDaaS), enterprise mobility management (EMM) and privileged access management (PAM.) The company serves over 5,000 worldwide organizations, including over half the Fortune 100. They are trusted by these businesses to proactively secure their operations.
挑战
Centrify, a company that delivers Zero Trust Security through the power of Next-Gen Access, needed to integrate security into their DevOps process. They wanted to evaluate vulnerability assessments before placing upgrades into production. Additionally, they needed to prepare for the Federal Risk and Authorization Management Program (FedRAMP) and the Service Organization Control (SOC 2) compliance audits. Centrify was searching for a product that could integrate into the organization’s CI/CD workflow – which includes the Jenkins and SaltStack toolsets – so assessments could take place prior to updates being pushed into production. They also needed a solution that provided detailed vulnerability management and reporting tools.
解决方案
Centrify deployed CloudPassage Halo and employed Halo’s vulnerability management and reporting in order to prepare for the FedRAMP and Soc2 compliance audits. They integrated the Halo API into Jenkins and SaltStack, integrating Halo directly with their DevOps processing. Centrify immediately began employing all CloudPassage Halo modules including: software vulnerability assessment, configuration security monitoring, server account monitoring, file integrity monitoring, and log-based intrusion detection. The team used Halo’s API to integrate Halo with Jenkins and SaltStack, working with the CloudPassage customer success team to customize the Halo platform to their specific security policies. The lightweight Halo agent was chosen because it would not interrupt the processes that had been already established, but rather would integrate with and monitor his DevOps team’s CI/CD workflow.
运营影响
数量效益
Case Study missing?
Start adding your own!
Register with your work email and create a new case study profile for your business.
相关案例.
Case Study
Infosys achieves a 5–7 percent effort reduction across projects
Infosys, a global leader in consulting, technology, and outsourcing solutions, was facing significant challenges in application development and maintenance due to its distributed teams, changing business priorities and the need to stay in alignment with customer needs. The company used a mix of open source, home-grown and third-party applications to support application development projects. However, challenges resulting from distributed teams using manual processes increased as the company grew. It became more and more important for Infosys to execute its projects efficiently, so they could improve quality, reduce defects and minimize delays.
Case Study
Arctic Wolf Envelops Teamworks with 24x7 Cybersecurity Protection and Comprehensive Visibility
Teamworks, a leading athlete engagement platform, faced rising cyberthreats and needed enhanced visibility into its network, servers, and laptops. With software developers connecting from all over the world, the company sought to improve its security posture and position itself for future growth. The company had a secure platform but recognized the need for a more proactive solution to identify gaps within its technology infrastructure. Data exfiltration and malicious access were top concerns, prompting the need for a comprehensive security upgrade.
Case Study
Sawback IT and Datto Save Client From a Costly Mistake
Ballistic Echo, a software development house, faced a critical challenge when human error led to the deletion of thousands of lines of unique code. This incident occurred before the code was pushed to source control, resulting in significant loss of time, revenue, and work. The previous file-level backup solution they used was slow and inefficient, making it nearly impossible to manually recreate the lost work. The need for a more reliable and efficient business continuity solution became evident to avoid such disasters in the future.
Case Study
Opal Helps Customers Shine Thanks to Datto
SP Flooring & Design Center faced a ransomware attack that encrypted and locked their files. The attack was initiated through a compromised service account set up by an outside vendor. The ransomware infection was isolated quickly, but there was a concern about the extent of the data at risk. The company had backups in place but was unsure of how much information was compromised. The situation required immediate action to prevent further damage and restore the affected data.
Case Study
Zapier Aggregates Multiple Analytics in a Single Dashboard with the New Relic Platform
Zapier, a company that enables non-technical users to push data between hundreds of web applications, was facing a challenge in automating and provisioning servers for optimal performance. The company's environment consisted of 50 Linux servers on the Amazon Elastic Compute Cloud (EC2), a Django application split across several servers, and a backend consisting of a dynamic number of celery task workers fed by messages published to a RabbitMQ cluster. They also maintained a number of internal web services on nginx in front of Gunicorn and Node.js processes. Redis handled simple key and value stores, with logging handled by Graylog2 and ElasticSearch. However, they realized that no level of automation would be sufficient without an effective monitoring solution in place. They needed a tool that could provide immediate alerts when something was breaking and could be easily implemented into their environment.
Case Study
Pipeline Insight Case Study: YARCDATA
YarcData faced challenges in determining the conversion rates of prospects into customers through various marketing efforts and identifying the source of its leads. They wanted to know the percentage of opportunities in the sales pipeline that came from different marketing events, web downloads, or self-sourced sales opportunities. Additionally, they needed the ability to drill down into the data to guide where to allocate more marketing dollars based on the success of previous efforts. Previously, YarcData relied heavily on spreadsheets and Salesforce.com reports, which made it difficult to extract the exact information they needed. This reliance on spreadsheets represented about 70% of their data presentation.
