Industry: Banking, Financial Services and Insurance (BFSI)
Region: UAE
Technology Stack: Palto Alto Networks Prisma Cloud and Help AG Professional Services.
Summary
During a Cloud Security Posture Assessment Help AG discovered over 290,000 vulnerabilities and misconfigurations within the customer’s cloud AWS and Azure accounts, using our assessment methodology, contextual awareness and cloud security expertise along with the best of breed security tooling (Prisma Cloud) the customer was able to reduce this by over 90% within 3 weeks.
The Customer’s Challenge
- Lack of Visibility, Compliance and Governance within the cloud.
- Lack of Threat Detection capabilities.
- Inability to view and correlate vulnerability data with exposure risk.
- Inability to conceptualize and understand cloud-based Identity risks.
Our Approach
Help AG conducted a Cloud Security Posture Assessment using Palo Alto Networks Prisma Cloud to perform the automated scanning and compliance mapping, the Help AG team then conducted joint false-positive tuning sessions, applied best practice tuning and produced the assessment report containing a prioritized list of misconfigurations and vulnerabilities as well as step-by-step remediation steps which the customer used (along with the Prisma Cloud console) to perform remediation activities, this allowed the customer to:
- Understand exposure risk and likelihood of breach of cloud assets.
- Gain insight into vulnerabilities and misconfigurations of workloads and identities across muti-cloud environments.
- Understand compliance posture and alignment with industry standards e.g.: ISO27001, PCI-DSS, NIST CSF, CIS etc.
- Dramatically improve security posture and reduce risk within a very short period of time.
The Outcome
- Over 290,000 vulnerabilities and misconfigurations were discovered within the AWS and Azure cloud accounts.
- The customer was able to reduce the number of vulnerabilities to approx. 27,000, (over 90% reduction) within 3 weeks.
- All Critical and High Severity vulnerabilities were resolved.
- While a high number of Medium and Low Severity vulnerabilities remained, they were reduced significantly over the next 2-month period and the few remaining were further mitigated via the deployment of additional security controls.
Customer Testimonial
The problem with CSPM tools is that they generate alert fatigue, for us 290,000 alerts seemed like a risk we could never address, but the Help AG team provided actionable insight and helped us to fast-track remediation activities, they’ve also led subsequent assessments for us which had much better results and are currently helping us adopt Prisma Cloud across our cloud environments… we’re now able to offer services to our customers more securely than ever before. – Anonymous, CISO
Future Plans
The customer tasked Help AG with performing a Cloud Security Architecture Assessment and an additional Cloud Security Posture Assessment within the next 6 months. The customer also opted to purchase and implement Palo Alto Networks Prisma Cloud to address these and similar risks directly from within their SOC on an ongoing basis.
Supporting Visuals
Call to Action
Don’t leave your cloud security to chance. Let Help AG assist you identifying and remediating vulnerabilities in your cloud infrastructure. Contact us today to have a discussion with our cloud security experts, and let’s schedule an assessment, if that would be useful to understand and mitigate risks in your infrastructure.
