Here is the latest article in an eWEEK feature series called IT Science, in which we look at what actually happens at the intersection of new-gen IT and legacy systems.
Unless it’s brand new and right off various assembly lines, servers, storage and networking inside every IT system can be considered “legacy.” This is because the iteration of both hardware and software products is speeding up all the time. It’s not unusual for an app-maker, for example, to update and/or patch for security purposes an application a few times a month, or even a week. Some apps are updated daily! Hardware moves a little slower, but manufacturing cycles are also speeding up.
These articles describe new-gen industry solutions. The idea is to look at real-world examples of how new-gen IT products and services are making a difference in production each day. Most of them are success stories, but there will also be others about projects that blew up. We’ll have IT integrators, system consultants, analysts and other experts helping us with these as needed.
Today’s topic: Giving Developers the Freedom to Securely Create with Speed
In the highly competitive arena of online gaming, speed is key. As the makers of such popular adventure games as “Dungeons & Dragons” and “Magic: The Gathering,” gamemaker Wizards of the Coast entertains tens of millions of fans around the globe. Wizards' competitive edge comes from their agile development teams' ability to deploy features and updates several times per day. For their security team, that means protecting business applications and customer data without sacrificing speed for security.
Name the problem to be solved: In the early 2000s, Wizards went digital, transforming their legendary stories, striking art and innovative gameplay into new online experiences. They built their online gaming platform on Amazon Web Services (AWS), which provides the scale, agility and availability they need to meet worldwide demand. To maintain security across their cloud development and production environments, Wizards initially relied on agents to gain visibility into the traffic traversing their Amazon Virtual Private Clouds (VPCs). But deploying agents was complex and costly, creating bottlenecks that ultimately slowed down the development and delivery cycles.
Describe the strategy that went into finding a solution: Frustrated with navigating the tradeoffs between speed and security, Wizards sought out a cloud-native solution that could provide agentless visibility and packet-level granularity. This would empower security analysts and developers to understand risk, as well as to detect, investigate and respond to threats before systems or data could become compromised.
Describe the solution selected: Wizards selected ExtraHop Reveal(x) Cloud, a SaaS-based network detection and response (NDR) solution, to provide unified visibility and threat detection across AWS workloads. Reveal(x) Cloud leverages Amazon VPC Traffic Mirroring to collect and analyze copies of network traffic packets from workloads in a customer’s VPC. With Reveal(x) Cloud, instead of only seeing which servers were communicating with each other as they had in the past, Wizards’ security team could quickly drill down to see what those servers were saying. They also gained critical information about everything from misconfigured services to potentially malicious activity.
Results of the Initiative:
- Accelerated Development Cycles without Compromising Security: Wizards reduced friction traditionally associated with security. With packet-level granularity and context into cloud and on-premises workloads, security analysts now support developers without looking over their shoulders. The security team still has visibility into risk, while developers retain the freedom to quickly create and roll out updates several times a day. “Developers aren't anti-security; what they are is anti-friction. With Reveal(x) Cloud, we’re removing that friction traditionally associated with security and becoming part of their development cycle. That’s a win-win across the board,” said Dan McDaniel, Chief Architect and Information Security Officer at Wizards of the Coast.
- Reduced Tool Sprawl. With unified visibility across both on-premises and AWS workloads, Wizards no longer needs separate toolsets to manage different components of its environment. This reduces costs and drives better alignment across security, IT operations and development teams.
- Improved Security Posture. The ability to automatically detect, classify and group new devices and workloads without the need to install agents or turn on logging has improved security posture. With this continuously updated insight into their environment, the team at Wizards can proactively identify vulnerabilities such as misconfigured cloud services and also identify anomalous device behaviors.
- Reduced tool sprawl and optimized tooling budget
- Cost-savings allowed for more investment in product features
- Accelerated development timelines without compromising security
If you have a suggestion for an eWEEK IT Science article, email firstname.lastname@example.org.