Gaming company centralizes security management, gains real-time visibility into multicloud infrastructure

Based out of India, a world-leading, mobile esports and digital gaming platform allows users to participate in free as well as paid competitions across 60+ games in multiple categories, including fantasy sports, sports games, puzzles, and board games. The company hosts hundreds of millions of tournaments a month and is trusted by over 90 million registered users across Asia, Europe, North America, and Africa.

“For us, the safety and security of our users is our utmost priority and we are committed to offering the best gaming experience. We had multiple, siloed security tools from various Cloud Security Providers (CSPs), which added to the complexity of managing the different cloud environments, resulting in poor internal user experience,” says the VP of Security.

The organization was rapidly expanding and was charting new go-to-market strategies across newer markets. This meant that the company had to meet region-specific regulatory requirements. “We had multiple, siloed tools to monitor disparate infrastructure and there was a high possibility of misconfigurations. As we were in expansion mode, it was important that we upgraded our security tools to maintain consistent security compliance,” explains the VP of Security.

The company had two workload clusters across Amazon Web Services (AWS) and Google Cloud Platform (GCP), and did not have visibility with their existing cloud infrastructure. The company relied heavily on the AWS Security Hub and AWS Lambda functionality to send alerts to their internal Slack groups to manage alerts and incidents. They needed to successfully offboard the alerting of security vulnerabilities, changes in firewall, and unusual user activity detections, as they faced a huge shortage of skilled resources. According to the VP of Security, “In addition to the lack of visibility, we faced challenges in hiring talent to manage our cloud security. We were looking for a comprehensive cloud-native application protection platform (CNAPP) solution with more workloads becoming containerized, which further increased the skill gap. The time has come to reduce human dependence and opt for automation, which would greatly reduce the time spent on alerts and empower our security team.”

The company needed a CNAPP solution with the following requirements:

• Scaling cloud security management, without significantly increasing staff.
• A single platform for visibility and security across multiple cloud service providers (CSPs).
• Security for containerized workloads.
• Identification and autoremediation of all the misconfigurations, vulnerabilities, and excessive permissions.

The VP of Security had evaluated Prisma Cloud from Palo Alto Networks in his previous organization and understood the value of the solution and what it can offer his current company holistically.

The onboarding process was smooth and four security team members worked on setting this up. It took the VP of Security and his team three months to fully onboard and set things up as per their needs, operationalizing the detection and response for findings detected by Prisma Cloud. “With Prisma Cloud, we are now capable of addressing multiple cloud security requirements, including visibility, compliance, governance, threat detection, container security, and DevSecOps in a single platform. What sets the solution apart is its real-time alerts, depth of compliance, and out-of-thebox policy coverage.”

The team was also looking at gaining full visibility from their containerized applications during the build, deploy, and run phases. With Prisma Cloud, they can aggregate and prioritize vulnerabilities continuously. With native security tools from CSPs, the organization faced high risks of misconfigurations. However, with Prisma Cloud’s query engine, misconfigurations, or any issues in public assets could be identified quickly with automation. In addition, the autoremediation in Prisma Cloud helped reduce the time taken to fix these repeated alerts.

With their requirements, the company would have needed to purchase individual tools for Cloud Security Posture Management (CSPM), cloud workload protection (CWP), and cloud i entitlement management (CIEM). However, Prisma Cloud is the industry’s first CNAPP that delivers these capabilities in a single platform, enabling the company to consolidate various tools and adopt a platform approach to their cloud strategy. Palo Alto Networks was awarded the 2023 Frost & Sullivan Global Company of the Year Award in the cloud-native application protection platform (CNAPP) industry. This recognition follows on from the 2022 designation of Cloud Workload Protection Company of the Year. The awards are a testament to Prisma Cloud’s leadership in cloud security.

With Prisma Cloud, the company now has all misconfigurations and security vulnerabilities from all accounts in their multicloud environment available on a single dashboard. They have been able to centralize various accounts across AWS and GCP, and gain visibility into their overall infrastructure and all their workloads. They now have high compliance scores, audit-ready reports, and complete threat information.

A single platform addressing multiple cloud security requirements

Prisma Cloud addresses multiple cloud security requirements. Host defenders help extend security policies at VM levels, as resource consumption by these agents as well as the costs incurred are a significant hurdle. With Prisma Cloud, the organization now has the advantage of getting detailed incident reports that in turn, reduce their time and effort to identify the type of malware and its attack path.

Reduction of mean time to detect (MTTD) and mean time to react (MTTR)

Prisma Cloud has successfully operationalized and optimized the cloud environment. The security team has been able to set up autoremediations and real-time alerting on various types of APIs being made on these platforms. With Prisma Cloud’s investigation feature, the company can also create query assets, helping extend their in-house automation capabilities.

Extensive visibility and monitoring

The organization now has 360-degree asset visibility and monitoring of their cloud resources (~138K assets). Today, 99% of all 12 million alerts are remediated, 86% of all incidents are remediated, and 95% of all risks are remediated. Prisma Cloud has enabled alerting on application vulnerabilities and package vulnerabilities.

Looking ahead, the company will continue to fine-tune their cloud environment. The VP of Security shares, “From our initial onboarding and deployment to operationalizing the platform, we felt extremely supported by Palo Alto Networks.”

The Prisma Cloud team has been extremely helpful in helping the organization resolve issues—either product-related or queries regarding existing features in the product. “The Customer Success team conducts quarterly review meetings with us where, among other things, they have helped us identify various use cases to improve our security posture by leveraging the solution further,” the VP of Security adds. He advises companies considering Prisma Cloud to onboard the solution as soon as possible so that they can start acting on the findings detected immediately. “This will help organizations ensure that they maintain a robust overall cloud security posture, which is especially important in a multicloud environment,” concludes the VP of Security.