Sysdig

Arkose Labs Beats the Bots
with 6-to-1 Tool Consolidation
and 20% Cost Savings

6-to-1
Tool consolidation
20%
Cost savings
95%
Reduction in vulnerability noise

Business Need

  • Quickly detect and respond to threats
  • Prioritize vulnerabilities
  • Detect and respond to vulnerabilities and misconfigurations
    across containers, hosts, and Kubernetes
  • Enable incident response and forensics
“We knew that AWS tools could only take us so far. Based on criteria we set, Sysdig bubbles up what poses the greatest risk so we can prioritize what needs to be addressed immediately versus later.”
Glen Arrowsmith VP of IT and Security Engineering at Arkose Labs

Company Overview

We’ve all seen them. There are “good” bots – the ones we rely on to search and find things on the internet. And there are “bad” bots – the ones that launch credential stuffing attacks, execute account takeovers, steal intellectual property, or perform SMS toll fraud. Bot mitigation is about identifying and blocking the unwanted or malicious bot traffic that hits applications or networks in order to reduce risk.

Established in 2015, Arkose Labs is a global leader in the fraud detection and prevention market – a market projected to grow to $141.75 billion by 2028. Its platform uses a combination of machine learning, behavioral analysis, and human intelligence to detect and mitigate bot attacks and fraudulent activities such as account takeovers and payment fraud.

Infrastructure: Amazon Web Services (AWS)

Orchestration: Amazon Elastic Kubernetes Service (EKS), Amazon Elastic Container Service (ECS)

Solution: Sysdig Secure

Challenges

Staying Ahead of Adversaries and Threats

Arkose Labs works with some of the most recognizable consumer brands in the world. They are unwavering in their determination to ensure a secure and streamlined experience for consumers.

As the company grew, the team recognized that its security processes and tools were not scaling with them. With a sophisticated bot detection and mitigation platform already in place, and a managed service team working hard to proactively outsmart adversarial attacks, the security tools deployed needed to perform just as well.

“In the five-and-a-half years I’ve been here, we’ve grown from five people to more than 250,” said Glen Arrowsmith, Vice President of IT and Security Engineering at Arkose Labs. “The approach to security is different when running a small team versus a massive engineering organization. Lean security teams can only monitor and alert on compliance violations, configuration issues, and vulnerabilities for so long. At some point, the security team needs to shift the security responsibilities to the engineering team and build it into their development processes.”

With this goal in mind, Arrowsmith and his team set out to refine and upgrade their security posture. “In many ways, it was a tall order,” said Michael Bourgault, IT Security Manager at Arkose Labs. “Not only were we looking to improve our security posture and optimize our products – we needed to do it while increasing efficiency and reducing costs. And in addition, it had to be with a partner whose philosophies were in sync with our own.”

Challenges at a Glance

  • Securely scale the business and bring new customers online
  • Have the ability to prevent, detect, and respond to threats
  • Reduce noise and vulnerability overload

Solutions

Reducing Spend by Consolidating Tools

With six solutions already in place – AWS GuardDuty, AWS Security Hub, AWS Config, Tenable, SentinelOne, and Lacework – Arkose Labs seized the opportunity to consolidate its cloud security tools. The objective was to manage vulnerability, security posture, and compliance, and to protect against intrusions in all cloud environments across workloads and cloud services with a single platform. Arkose Labs found its answer in Sysdig Secure.

Sysdig Secure takes a comprehensive approach to cloud security by rooting everything it does in its unique runtime insights. Sysdig helps organizations improve security posture by focusing on the vulnerabilities, misconfigurations, and compliance gaps that create the greatest risk. With Sysdig Secure, Arkose Labs can detect threats in real time, prioritize the vulnerabilities that matter, and fix them fast with context.

“We first looked at Sysdig for its container runtime security,” Bourgault explained, “but when we actually opened up the hood and looked around, we realized that the solution offered quite a lot more than we ever imagined. Basing everything Sysdig does on runtime insights enables faster threat detection, better vulnerability management, better cost optimization, and ultimately, better security posture.”

Arkose Labs

It was this revelation that drove Arkose to replace multiple solutions with Sysdig, netting the company an overall cost savings of more than 20%. “With Sysdig, we consolidated six tools to one, saving both time and money,” Bourgault said.

As a leading cloud-native application protection platform (CNAPP), Sysdig provides visibility and protection to applications from build through runtime. In addition to saving money, choosing a solution that provides end-to-end detection reduces complexity and improves the developer experience.

The Right Blend of Human Expertise and Artificial Intelligence

“When we looked at Sysdig’s roadmap, we explicitly asked, ‘What are you going to do in the next five years?’” Bourgault said. “Other cloud security vendors we were evaluating were going in a direction that we either already covered, or didn’t feel was right for Arkose – basically a lot of black-box ideas that didn’t suit what we believe in as a company.”

“Sysdig offers a customizable platform where we can be straightforward and write our own rules,” he explained. “And if something isn’t working, we can go figure it out. Sysdig is the exact blend of human expertise and artificial intelligence that allows us to properly protect against unknown threats – and that’s where our philosophies are perfectly aligned.”

Saying Goodbye to the Bystander Effect

“We’ve all heard the phrase, ‘Security is everyone’s responsibility’,” Arrowsmith said. “But there’s also something called the ‘bystander effect,’ whereby everyone thinks security is someone else’s job.” In the past, an Arkose Labs team member would find an issue, but there was no visibility into whether it had already been reported. As a result, it would either go unreported, or there would be multiple reports of the same issue.

“Production data was scattered around all regions and environments, and we were dealing with a lot of load,” he continued. “Every time we got a new server, we would have security issues, and there was a tremendous amount of noise hitting both the security team and the developers. It was a bit chaotic, and the noise hid the true risk.”

With insight into in-use risk exposure with Sysdig, Arkose Labs no longer has this challenge. Sysdig eliminates noise and prioritizes vulnerabilities based on runtime insights. “The number and complexity of vulnerabilities can be overwhelming in cloud-native environments,” Arrowsmith explained. “We knew that AWS tools could only take us so far. Based on criteria we set, Sysdig bubbles up what poses the greatest risk so we can prioritize what needs to be addressed immediately versus later.”

By focusing on what has in-use risk exposure, Sysdig can cut vulnerability noise by 95%.

Energizing the Arkose Security Culture

For Arkose Labs, a key to scaling its security strategy has been giving developers the tools and insights they need to prioritize where to focus time and effort to address security issues. With Sysdig, Arkose Labs teams are easily able to get a good view of security posture and compliance, as well as report quickly on the entire pipeline’s dependencies. Arkose Labs is equipped to act fast and reassure customers that their supply chain is not at risk when new threats emerge, like they did with Log4j.

“Having a tool that takes action is important to us,” Arrowsmith said. “Our engineers don’t need to waste time researching and prioritizing their patching. Sysdig does it for them.” Instead of reacting to security regressions after deployment, issues are picked up automatically – even before code review takes place. “Now our teams are able to focus on what they do best,” Arrowsmith concluded, “delivering solutions that help our customers protect against online fraud and account security.”

Visit arkoselabs.com to learn more about Arkose Labs.

Sysdig Benefits

  • Standardization of cloud and container security policies
  • Accelerated remediation of security issues with GitHub integration for cloud security posture management
  • Improved prioritization of vulnerabilities based on runtime context and actual risk
  • Prevents attacks and reduces time to detect security incidents

About Sysdig Secure

Powered by runtime insights, Sysdig Secure stops threats instantly and reduces vulnerabilities by up to 95%. We created Falco, the open standard for cloud threat detection, and apply runtime insights to help you focus on the vulnerabilities and threats that matter most. Prevent, detect, and respond at cloud speed with Sysdig. Learn more about Sysdig Secure here, or try Sysdig for free by signing up for a trial.

Fate il prossimo passo!

Scoprite come potete proteggere ogni secondo nel cloud.