The client had a deep bench of in-house security expertise and industry experts and was looking to shift from traditional IT to the cloud. Because they are so highly focused on building products that disrupt the financial industry, security is a critical topic for them. AWS was a great option because it allowed them to rethink security and compliance. However, this presented technical challenges that required a wealth of understanding in multiple areas of the development lifecycle.
Their existing landscape included a number of integrations with partners, downstream consumers, and Fintechs. This meant having to properly secure a myriad of configurations, all while continuously building more capabilities.
Protagona was brought in to uplift the environment. The goal was to create visibility into both existing and potential security issues, develop a roadmap of fixes, and ensure a more compliant and secure environment overall.
We began by increasing visibility into security concerns via automated tooling and best practices. This involved implementing AWS Security Hub, AWS Config, Lambda, and a set of SCP guardrails to help detect and prevent security compromises. Information collected from these new tools led to the discovery and remediation of various security vulnerabilities.
A key component was the creation of a SIEM data aggregation layer that enabled the centralization, transformation, and distribution of data from disparate sources. Data was then stored and visualized in AWS OpenSearch, giving security and cloud experts a single pane of glass for the customers’ security events. This was instrumented via serverless frameworks, leveraging technologies such as S3, Lambda, and API Gateway.
The implementation phase was broken into activities that adhered to three focus areas: detection, remediation, and enforcement. The ultimate goal was to fix all existing problems and prevent any others from occurring in the future.
Security (AWS WAF, CloudFront)
Operational Excellence (Systems Manager)
Business—Leadership now expresses more confidence in their AWS environments to customers and partners. Highlighting specific capabilities and frameworks used for continuous improvement has become a huge selling point for them.
Cloud Adoption—The client was able to confidently shift more capabilities and workloads to AWS without fear of creating more security “sprawl”. Automated management of these items provides the ability to swiftly and permanently address issues before they arise.
Culture—No longer hesitant to address security issues, the client has become self-reliant. They can easily locate, predict, and address security concerns across all of their environments. The visibility from the tooling has had a profound impact on their confidence in the aegis of their environment.