“ESP enables us to re-imagine our entire approach to cybersecurity. [With ESP in place] my agency has been able to achieve ATO’s in under seven days which is a tremendous improvement.” – Chief of Cloud Security at a National Intelligence Agency
Authority to Operate (ATO) in a day
Re-Inventing Security in the Cloud for the Intelligence Community
The Chief of Cloud Security at a United States government intelligence agency partnered with Evident.io to reduce the time to deploy cloud services into production.
The agency delivers elite intelligence to everyone from first responders to policymakers, warfighters and intelligence professionals. It has hundreds of employees that serve on support teams at U.S. military, diplomatic and allied locations around the world.
The agency is moving most of its IT operations to the cloud and is looking to “reinvent security”. The idea is to take advantage of cloud flexibility and re-architect their cloud infrastructure daily so that would-be attackers are confronted with a confusing operating environment and have limited time-on-target.
Like many other intelligence agencies, this agency still has 80+% of their AWS workloads in dev/test environments and are struggling to move them quickly to production. On top of that, it currently takes about six months for a cloud provider to get its service cleared for federal government use. Their Chief of Cloud Security initiated a concept of “Authority To Operate (ATO) in a day” to dramatically reduce the time to deploy cloud services into production. They needed a cloud infrastructure security solution that would provide continuous visibility into their environment and compliance posture.
The agency implemented Evident.io’s tool called Evident Security Platform (ESP) to help them identify and monitor misconfigurations within their AWS infrastructure. Setup was quick and non-invasive as ESP requires ‘read-only’ access and is completely agentless.
Their cloud security team collaborated with Evident.io to build custom security control checks, risk reports and ticketing flows that map to the agency’s own internal processes. Evident.io’s Support and DevOps teams worked on adjusting the PSaaS CloudFormation templates to ensure that they would work the with Intelligence Community (IC) customer’s unique security and deployment constraints.
ESP enables the intelligence agency to move their AWS workload to production (ATO) faster. ESP provides the cloud security and IT operations teams with up-to-the-minute actionable reports detailing high, medium and low risks with recommendations for steps to remediate the vulnerabilities discovered. By integrating ESP alerts into Jira, the agency is able to identify and prioritize what work needs to be done and by whom, i.e. the broader Security, DevOps and IT teams. As a result, their overall cloud security posture has improved and they can securely operate at the “speed of cloud.”
To find out more about how our technology can empower you to solve this problem visit our website. ESP provides a single pane of glass view of all of your AWS accounts, regions and services in one easy to customize dashboard. By consuming all of Amazon’s APIs, ESP can detect and uncover vulnerabilities in your environment and alert security teams of configuration changes and policy violation and provide a path to remediation.
You can try ESP free for 14 days and start securing your cloud infrastructure within minutes. You can use the tool on your own, just signup and get started — or we can help you along the way. It’s your choice.
About this ESP @ Work Blog Series:
ESP @ Work provides insight into real customer implementations. These snapshots describe how Evident Security Platform (ESP) helps our customers maintain and benefit from continuous security and compliance in the cloud. All ESP @ Work posts are anonymous because we respect that our customers are not always able to publicly share their success.
Read more Customer Success Stories here.