NASDAQ traded company uses Oligo to Implement a ‘maximum value minimum effort’ Security
Cyber Security

Highlights
aren't being executed
Challenge
Security alerts overload - The dev team was frustrated by a flood of irrelevant security tickets. This eroded the team's trust in the existing tools and wasted time and resources.
Prioritization rationale - Alert prioritization didn’t match the severity the team associated with each alert, so the team had to manually correlate findings from different tools.
False positive alerts - It was difficult to differentiate between genuine risks and false positives due to insufficient information about the risks and results produced by security tools.
Security visibility gap - The team had no way to understand the potential attack surface and pain points in one platform.
Solution
Focus on the most urgent risks through runtime insights - Gaining insights into the behavior and context of cloud applications and their libraries enhances understanding of key security issues. This results in focused and trusted risk prioritization, eliminating the noise and chaos created by security scanners, and enables the user to truly understand each and every risk.
Achieving comprehensive application security visibility in one platform - The combination of code-execution intelligence and cloud contextual insights creates a platform from which the company can gain awareness of the potential attack surface and manage all their application security efforts.
Amir W., the DevOps Team Lead in charge of information security, was dissatisfied with the complexity caused by using multiple security products, which scatter data across various locations.
This setup requires managing multiple products installed on multiple environments, and obtaining valuable information means performing complex correlations between the findings of each product.
Due to this challenge, he began seeking a runtime security solution that could offer extensive coverage and precise outcomes. Runtime security solutions can access applications in real-time, providing detailed insights into the ongoing processes as the application operates in a cloud environment.
Through the use of runtime security, it is possible to achieve a thorough understanding of the application's code actions, such as which libraries are loaded or actually running, as well as its cloud context, including which applications are accessible to the internet.
When you understand what you see, it is much easier to fix it
The team faced a deluge of tickets from security scanners lacking accurate prioritization, making it difficult to discern urgent issues. Turning to Oligo, they sought a solution that would provide real-time understanding of their systems and precise risk prioritization. Amir W., DevOps Team Lead, highlighted the limitations of traditional security scanners, stating, "All tickets created by traditional security scanners are 'acute' and 'critical', but not all of these critical risks come to expression." Oligo's intuitive and trusted data offered focused and valuable information, setting it apart from other security products. This endorsement reflects Oligo's ability to deliver actionable insights for effective security management.
Solving security issues starts with understanding the organization’s potential attack surface. The team saw that Oligo helped them to achieve an accurate picture of the attack surface in real-time. As a result, Oligo is helping the team gain a clear understanding of their environment, enabling them to focus on the most urgent issues first and eliminate the noise created by security scanners operating through the code or the build phase.
Before using Oligo, achieving an accurate picture of the potential attack surface was mostly done through the hard work of security analysts and engineers, correlating findings from a few products, and conducting manual research. Oligo immediately provided the information that the team looked for, all in one platform.
Runtime insights that reveal the real risk’s urgency and severity
The team was overwhelmed with a flood of data, causing frustration as they struggled to make sense of it all. Security scanners generated numerous security tickets, some of which were irrelevant or even unfixable. This situation undermined the team's confidence in their existing tools and resulted in a waste of resources.
Oligo helped the team focus, better understand the risks within their environment, and achieve risk prioritization that is accurate and considers the attack potential of each risk. Security scanners that operate from the code or the build phase don’t have access to runtime insights. They cannot provide real-time information about the risk, so the long list of CVEs they produce isn’t prioritized accurately and includes many vulnerabilities that are not actually exploitable.
“In today’s security landscape, you have to be focused on contextual runtime insights instead of being focused on the built image and what it holds. That is exactly what Oligo is doing, and that is a great match for our needs.”
The team felt that using only the CVSS score to prioritize alerts didn't provide sufficient data to assess risks. CVSS scoring isn’t the most impactful parameter when performing a risk assessment, and can even be confusing when the vulnerable code is not accessible. Oligo gave the company focus by collecting runtime insights that reveal how the security posture and potential attack surface affect each risk. This results in an accurate and reasoned risk prioritization which makes sense to security teams and saves them time and effort.
Oligo’s security approach is suited for today’s security landscape
Amir emphasizes the importance of the insights and data that Oligo provides and the professional work of the team. Considering runtime intelligence in making a risk assessment and prioritization is the right way to ensure security in today’s complex security posture.
As the team progresses in optimizing their security approach, Amir W. sees Oligo as a key ingredient in assuring the company's continued triumph. "Oligo equips us with the assurance in the security posture of our applications," he states. "It empowers our DevOps teams to work efficiently, improving our productivity and allowing us to provide the best possible services to our users. We no longer need to stress about the status of our cloud environments or the possibility of an unseen security risk lurking in the shadows."




