“Evident.io runs regular security scans to see if there is any misconfigured services. It details high/med/low risks in pretty big bold letters. It also gives you ways to remediate those issues, whatever they might be.” – Security Engineer at a Peer-to-Peer eCommerce Platform
Peer-to-Peer eCommerce Platform reduces manual efforts and increases Security Visibility
The IT department of a global peer-to-peer ecommerce platform partnered with Evident.io to reduce the manual effort required to achieve insights into their cloud security vulnerabilities and compliance posture.
The largest creative online commerce community, powered by do it yourself entrepreneurs, operates a global marketplace where people around the world connect, both online and offline, to make, sell and buy unique goods. Their platform supports almost $3B in annual gross merchandise sales.
Security is a big part of organization’s culture and is widely evangelized throughout the company. Like many global businesses, the peer-to-peer ecommerce platform wanted to improve existing AWS infrastructure by increasing visibility and creating security policies and processes. To tackle the problem, they used the capabilities that were already built into their CSP and spent countless human hours manually combing through their systems and services in search of configuration changes and vulnerabilities. Even as it tried to address these challenges, the IT department struggled to keep the pace of their fast changing cloud environment.
The peer-to-peer ecommerce platform’s IT department needed a solution that would help them to automate security visibility, vulnerability alerts and remediate those issues saving time so that they can focus on the hard stuff.
The peer-to-peer ecommerce platform implemented Evident.io’s tool called Evident Security Platform (ESP) to help them identify and monitor misconfigurations in their AWS infrastructure. Setup was quick and easy as ESP requires ‘read-only’ access and is completely agentless. Through collaboration with Evident.io the IT department was able to build custom security signatures, risk reports and ticketing flows tailored to their organization’s best practices.
ESP provides the IT and Security departments with up-to-the-minute actionable reports detailing high, medium and low risks with recommendations for steps to remediate the vulnerabilities discovered. By integrating ESP alerts into Jira, the organization is able to identify and prioritize what work needs to be done and by whom, i.e. the broader Security, DevOps and IT teams. As a result, the peer-to-peer ecommerce platform’s overall cloud security posture has improved and they can securely operate at the “speed of cloud”.
To find out more about how our technology can empower you to solve this problem visit our website. ESP provides a single pane of glass view of all of your AWS accounts, regions and services in one easy to customize dashboard. By consuming all of Amazon’s APIs, ESP can detect and uncover vulnerabilities in your environment and alert security teams of configuration changes and policy violation and provide a path to remediation.
You can try ESP free for 14 days and start securing your cloud infrastructure within minutes. You can use the tool on your own, just signup and get started — or we can help you along the way. It’s your choice.
About this ESP @ Work Blog Series
ESP @ Work provides insight into real customer implementations. These snapshots describe how Evident Security Platform (ESP) helps our customers maintain and benefit from continuous security and compliance in the cloud. All ESP @ Work posts are anonymous because we respect that our customers are not always able to publicly share their success.