Client
A global energy enterprise partnered with Cloudignyte to accelerate the migration and deployment to its new CSPM provider, Wiz. With thousands of AWS and Azure accounts in its existing environment, the company needed to transition swiftly to maintain continuous coverage before decommissioning the previous CSPM provider.
Challenge
- Multi-Account Complexity: Onboarding thousands of AWS, Azure and Alibaba Cloud accounts.
- Strict Deadline: Ensuring deployment and coverage completion before existing services were decommissioned.
- Distributed User Model: Managing access across a large, distributed organization.
- Custom Reporting: Providing a solution for bespoke vulnerability reports enriched with enterprise data.
Solution
A Bespoke Approach to RBAC and Reporting
-
Cloud Native RBAC: Mapped organizational hierarchy tiers from the existing service management platform to Wiz's internal project structure. Leveraged AAD OAuth and SAML for role-based access control and secure project access.
-
Cloud Native Reporting: Developed a bespoke reporting service to track vulnerability resolution performance by team, with automated Microsoft Teams notifications for team leads.
-
Cloud Native Integrations: Custom integration services to embed Wiz into other critical enterprise services for asset management, vulnerability management and company scorecard.
Results & Business Impact
- Vulnerability Detection: Identified and contextualized millions of vulnerabilities across all cloud accounts.
- Streamlined Security Operations: Reduced security management workload adopting an automated distributed model.
- Zero Day Alerting: Implemented automated notifications for critical findings, ensuring rapid response.
- Data Visualisation: Integrated with key enterprise applications to maximize the value of Wiz data collections.
Conclusion
Cloudignyte's bespoke solutions enabled this global energy leader to secure cloud workloads at scale, ensuring cost-efficient, consistent monitoring across thousands of cloud accounts.