INDUSTRY
Fortune 500, Pharmaceutical
REGION
Global
Challenge
- Transition from Rapid7’s InsightCloudSec (ICS), the incumbent Cloud Security Posture Management (CSPM) tool, to Wiz as the end-to-end Cloud-Native Application Protection Platform (CNAPP)
- Retire a multi-year ICS deployment and cut over to Wiz.io in roughly 90 days without negative operational impact
- Convert the established custom security processes into Wiz controls with full coverage across the company’s multi-cloud environment
- Develop advanced Automation Playbooks for autonomous remediation, including a custom email solution integrated with Wiz
Solution
- Partnering with the Wiz Tel Aviv engineering team, 107 custom TDR/CCRs were written, validated, tested and deployed to meet the company’s Near Real Time (NRT) fetching requirements
- Established 55 automation playbooks covering 30+ AWS services. When a non-conforming resource is created, or an existing resource drifts out of its approved configuration, the playbook remediates it autonomously; owner resource tags are used to route the notification to the right individuals
- Established a custom email solution that formats notification emails in the company’s required “Action State” format and pulls in Wiz template variable data for enriched content
Additional Program Background
Company is a leading research-based biopharmaceutical company that discovers, develops, manufactures, and markets prescription medicines, vaccines, and consumer healthcare products.
They are very advanced in their adoption of public cloud technologies and in the use of automated remediation to correct misconfigurations discovered at resource creation or as configuration drift. Wiz was selected as a full CNAPP replacement for the Rapid7 ICS CSPM platform for its ability to manage the end-to-end lifecycle of cloud resource configurations and the related toxic combinations with vulnerability management findings.
To ensure that misconfigured resources are remediated at launch or on drift, they adopted Wiz Automation Playbooks together with a rigorous resource tagging strategy, so that each playbook both rectifies the non-conformance and notifies the tagged owners of the resource and of the parent cloud account. At the time, real-time fetching did not exist in Wiz. NephoSec built automation scripts that pull the tag values from each resource and remediate the non-conformance; the same tag values are then used to email the responsible owners about the remediated resource, with added context taken from the Wiz Automation Rule data payload and the custom email solution.
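The routing logic described above, owner tag on the resource first, then the parent account’s owner tag, then a fixed security fallback, with the outcome rendered into an “Action State” notice, is shown below as an added example. It is not NephoSec’s or Wiz’s code: the event layout, the tag keys (`Owner`, `AccountOwner`), the fallback address, the state names and the sample S3 bucket are all assumptions constructed for the example, and the real Wiz automation-rule payload fields would replace them.

```python
"""Owner-tag routing and "Action State" mail rendering for automated remediation.

Added example (not NephoSec's or Wiz's own code). The event layout, tag keys,
fallback address and state names are assumptions; the real Wiz automation-rule
payload and the company's tagging standard would replace them.
"""
import re

# One address only: tag values are user-controlled, so anything else is rejected
# rather than pasted into a To: header.
EMAIL_RE = re.compile(r"^[^@\s]+@[^@\s]+\.[^@\s]+$")

# Tag keys consulted in order (assumed, not the page's tagging standard).
RESOURCE_OWNER_KEYS = ("Owner", "owner", "OwnerEmail")
ACCOUNT_OWNER_KEYS = ("AccountOwner", "account_owner")
FALLBACK_RECIPIENT = "cloudsec-oncall@example.com"  # assumed security queue

# Remediation outcome -> the "Action State" the mail carries (example's own names).
ACTION_STATES = {"SUCCEEDED": "REMEDIATED", "FAILED": "ACTION REQUIRED"}


def make_event(resource_tags, account_tags, status="SUCCEEDED"):
    """Build a constructed automation event (assumed shape) for one S3 bucket."""
    return {
        "rule": "S3 bucket allows public read",          # constructed rule title
        "resource": {
            "id": "arn:aws:s3:::example-research-data",  # constructed ARN
            "type": "BUCKET",
            "region": "us-east-1",
            "tags": dict(resource_tags),
        },
        "account": {"id": "123456789012", "tags": dict(account_tags)},
        "remediation": {"action": "block_public_access", "status": status},
    }


# Constructed sample: owner tag present on the resource and on the account.
SAMPLE_EVENT = make_event(
    {"Owner": "Alice@example.com", "CostCenter": "rd-42"},
    {"AccountOwner": "cloud-team@example.com"},
)


def _first_valid_email(tags, keys):
    """Return (address, key) for the first key whose value is a single address."""
    for key in keys:
        value = (tags or {}).get(key)
        if isinstance(value, str) and EMAIL_RE.match(value.strip()):
            return value.strip().lower(), key
    return None, None


def resolve_recipients(event):
    """Route the notice: resource owner tag first, then the parent account's
    owner tag, then a fixed security fallback so no remediation goes unseen.
    The account owner is copied whenever a distinct resource owner was found."""
    owner, _ = _first_valid_email(event["resource"].get("tags"), RESOURCE_OWNER_KEYS)
    acct_owner, _ = _first_valid_email(event["account"].get("tags"), ACCOUNT_OWNER_KEYS)
    if owner:
        cc = [acct_owner] if acct_owner and acct_owner != owner else []
        return [owner], cc
    if acct_owner:
        return [acct_owner], []
    return [FALLBACK_RECIPIENT], []


def action_state(event):
    """Map the remediation outcome to an Action State; an unknown outcome is
    flagged for review rather than silently reported as fixed."""
    return ACTION_STATES.get(event["remediation"].get("status"), "UNDER REVIEW")


def render_email(event):
    """Render the notice with the rule and resource context taken from the event."""
    to, cc = resolve_recipients(event)
    res, rem = event["resource"], event["remediation"]
    state = action_state(event)
    subject = f"[{state}] {event['rule']}: {res['id']}"
    body = "\n".join([
        f"Action State: {state}",
        f"Rule: {event['rule']}",
        f"Resource: {res['id']} ({res['type']}, {res['region']})",
        f"Account: {event['account']['id']}",
        f"Remediation: {rem['action']} -> {rem['status']}",
        f"Routed to: {', '.join(to)}" + (f" (cc {', '.join(cc)})" if cc else ""),
    ])
    return {"to": to, "cc": cc, "subject": subject, "body": body}


if __name__ == "__main__":
    mail = render_email(SAMPLE_EVENT)
    print(mail["subject"])
    print(mail["body"])
```

The fallback queue matters more than it looks: a playbook that quietly remediates a resource nobody is told about is a change with no audit trail, so a missing or malformed owner tag should still produce a notice, just to the security team instead of the owner.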
What’s Next:
As a cloud-first company, they are now rolling Wiz out across the entire software development lifecycle. This includes a shift-left initiative using the Wiz CLI and the Wiz Terraform provider to flag non-conformances and vulnerabilities to developers in the IDE and during Terraform builds, before the resource is ever created. This full adoption makes Wiz the cradle-to-grave CNAPP solution for this company.