Challenge
Rearc has been helping a financial media company migrate and deploy its products and data services to public clouds, but the company's security teams, experienced with on-premises datacenter architecture, were struggling to review and architect its public cloud solutions.
Meanwhile, developers continued to deploy into public clouds at an increasing rate, not always using the library of secure, best-practice Terraform modules that Rearc engineers had helped the company create.
AWS Trusted Advisor generated many thousands of findings, but the security teams had no way to track the progress of remediation efforts, and their cloud security platform rulesets and CI security checks were not fully aligned with those findings.
Solution
A pair of Rearc engineers embedded with the Product Security team to build up the team's experience with cloud Infrastructure-as-Code tools, including Terraform and the library of secure, best-practice modules, as well as the company's CI/CD pipelines.
They created a training workshop in which members of the security team deployed resources to AWS accounts and wrote a Terraform module for AWS SNS (Simple Notification Service), which Rearc engineers reviewed and refined for submission to the module library.
The Rearc engineers also worked with the security team to align Trusted Advisor findings with the company's incumbent and replacement cloud security platforms, prioritizing those findings for integration with the company's in-house initiative tracking platform.
Outcome
After the training workshop, members of the Product Security team were better able to review infrastructure deployments that needed exceptions from the security checks in the CI/CD pipelines.
The Product Security team also developed a workflow for reviewing the Trusted Advisor findings and feeding them back into the CI/CD pipeline, so that it could catch the same misconfigurations before deployment.
They also integrated this workflow with their in-house initiative tracking platform to motivate developers to remediate the Trusted Advisor misconfiguration findings and reduce potential vulnerabilities in their public cloud deployments.