
Container Signing with AWS Signer
This project for a Fortune 500 company strengthened the security of deployed applications by implementing notarization for container artifacts, which can be used to establish a chain of trust.
Rearc has been helping a financial media company migrate and deploy its products and data services to public clouds, but its security teams, experienced with on-premises datacenter architecture, were struggling to review and architect the company's public cloud solutions. Meanwhile, developers continued to deploy into public clouds at an increasing rate, not always using the library of best-practices secure Terraform modules that Rearc engineers had helped the company create. AWS Trusted Advisor generated many thousands of findings, but security teams had no way to track the progress of remediation efforts, and their cloud security platform rulesets and CI security checks weren't fully aligned with it.
A pair of Rearc engineers embedded with the Product Security team to build up the team's experience with cloud infrastructure-as-code tools, including Terraform and the library of best-practices secure modules, as well as their CI/CD pipelines. They created a training workshop in which members of the security team deployed resources to AWS accounts and wrote a Terraform module for the AWS Simple Notification Service (SNS), which Rearc engineers reviewed and refined for submission to the module library. The Rearc engineers also worked with the security team to align Trusted Advisor findings with their incumbent and replacement cloud security platforms, prioritizing those findings for integration with their in-house initiative tracking platform.
After the training workshop, members of the Product Security team were better able to review infrastructure deployments that needed exceptions from the security checks in the CI/CD pipelines.
The Product Security team also developed a workflow for reviewing the Trusted Advisor findings, feeding back to the CI/CD pipeline, so that it could catch these misconfigurations before deployment. They also integrated this with their in-house initiative tracking platform to motivate developers to remediate the Trusted Advisor misconfiguration findings and reduce potential vulnerabilities in their public cloud deployments.