The Client

A major multi-national with a technology estate consisting of thousands of cloud accounts, across AWS, Azure and AliCloud.

The Problem

For the previous several years the company had been focusing on the implementation of cloud native tooling to manage security across each of their cloud estates alongside several legacy commercial tools.  However the cost to engineer these tools across thousands of cloud accounts and the inability to easily observe security issues through a single user interface, alongside complex licensing issues were problems which the company wanted to overcome.

The Solution

After evaluating several off-the-shelf cloud native security monitoring tools the company decided to purchase Wiz.io as the single multi-cloud security monitoring tool and engaged Hydras security consultants to lead the implementation.  Due to imminent licensing renewals the initial onboarding of Wiz was scheduled to be completed in just one month, a very tight timescale.

Hydras consultants worked with the company internal team to install Wiz and then began configuring the tool for security posture monitoring.  Firstly the company internal security controls were mapped into Wiz via the creation of a custom control set.  For controls that didn't exist in Wiz, the Hydras team created custom versions of them using code.  Once the control set was created several "candidate" AWS accounts were onboarded into Wiz to validate the security monitoring.   Once security data started to flow into Wiz the Hydras team validated the security issues, ensuring false positives were filtered out and that any remaining reported issues were accurate.  Next, they worked with the company's internal team to create an access control mechanism, using Role Based Access Control (RBAC), that would ensure that customers of Wiz could only view their security data and no one else's.  This was achieved by linking Wiz to the company's internal systems such as Microsoft Entra and ServiceNow.  Once complete, the Hydras team next worked directly with internal customers, aiding them in resolving their security issues and training them in how to use the tool.  Finally, the new operations team were trained in how to support the tool, with the Hydras consultants acting as assurance specialists.   Once this initial trial phase had completed the Hydras team led the implementation of Wiz on the rest of the 1600 AWS accounts, repeating the above process, within a further three weeks.

The Outcome

Over the following weeks Wiz was implemented on 1000 Azure accounts plus 30 Alibaba cloud accounts in addition to the 1600 AWS accounts.  This process allowed the company to decommission its existing legacy tools as well as remove the cloud native security tools that had been previous implemented, leading to a estimated two million dollar ($2M) saving over the course of three years.  Over the following 180 days post implementation the Hydras team worked with the company to resolve over fifty thousand (50K) high and critical security issues, thus radically improving their security posture.