“By fully automating our alerts we were able to see significant decrease in misconfigurations and vulnerabilities, which strengthened our overall security posture. As a very security conscious organization, this enabled us to move quickly and confidently into the cloud.” – CISO, Multinational Financial Services Corporation
Innovative and agile vision leads the way to secure cloud adoption.
ESP’s flexible custom control checks enable Multinational Financial Services Corporation to reduce risk, audit, and compliance validation specific to the Multinational Financial Services Corporation’s compliance and business risk requirements.
An American multinational financial services corporation with over $2 trillion AUM (Assets Under Management). As one of the four largest mutual fund and financial services group in the world, they focus on sharing their financial expertise to help people live the lives they want.
Today’s financial services organizations are under pressure to modernize their IT infrastructure by migrating to the cloud. While the cloud offers freedom from capital-intensive technology investments and flexibility enabling them to focus on their core business objectives, security can often be a major roadblock in their journey to the cloud. This Multinational Financial Services Corporation is already leveraging AWS infrastructure with plans to grow use significantly and is no stranger to these security concerns.
The biggest challenge for them was that their information security team had no visibility into their API layer and the potential risks that exist there and their migration to the cloud could not be delayed.
To address these challenges, the CISO deployed the continuous monitoring and alerting capabilities of Evident Security Platform. As a very security conscious organization, the Financial Services Corporation understood how critical it was to select the most qualified solution and required that ESP was evaluated through a rigorous Security Vendor Technology Assessment and passed. Evident.io passed all of their security requirements as a company, not just a technology.
By consuming all of Amazon’s APIs, ESP is able to provide security for what the Multinational Financial Services Corporation put “in” the cloud. The solution automates the flow for alerts and remediation, removing the heavy lift of manual audits and building and managing their own suite of scripts while enabling comprehensive visibility of their AWS infrastructure to their information security team. ESP also supports the flexibility to develop custom signatures to be alerted on the Multinational Financial Services Corporation’s specific risks.
With the ESP’s agentless non-invasive approach, the information security team now has consolidated multi-account visibility of all vulnerabilities and misconfigurations that exist in their cloud infrastructure through a single pane of glass dashboard. The value that ESP brought was to alert them of configuration changes and policy violation and provide a path to remediation.
ESP helped the Financial Services Corporation be compliant with regard to the AWS shared services model and CIS AWS Foundations Benchmark, by automating the exposure and remediation of vulnerabilities in AWS. ESP’s flexible custom control checks enable Multinational Financial Services Corporation to reduce risk, audit, and compliance validation specific to the Multinational Financial Services Corporation’s compliance and business risk requirements.
To find out more about how our technology can empower you to solve this problem visit our website. ESP provides a single pane of glass view of all of your AWS accounts, regions and services in one easy to customize dashboard. By consuming all of Amazon’s APIs, ESP can detect and uncover vulnerabilities in your environment and alert security teams of configuration changes and policy violation and provide a path to remediation.
You can try ESP free for 14 days and start securing your cloud infrastructure within minutes. You can use the tool on your own, just signup and get started — or we can help you along the way. It’s your choice.
About this ESP @ Work Blog Series
ESP @ Work provides insight into real customer implementations. These snapshots describe how Evident Security Platform (ESP) helps our customers maintain and benefit from continuous security and compliance in the cloud. All ESP @ Work posts are anonymous because we respect that our customers are not always able to publicly share their success.