Customer Success Story: Leveraging the Power of >40 AWS Security Services
Leverage the potential of AWS' arsenal of cloud security services to protect online banking services.
Financial Services & Insurances
Solaris
CHALLENGE
Solaris offers its clients a completely digital Banking-as-a-Service platform to which other businesses can connect. This business model easily enables existing and new business to offer their own financial services. Solaris has chosen Amazon Web Services (AWS) as their strategic cloud platform for their current and upcoming digital products.
As a fully licensed online bank, Solaris needs to meet very high security-requirements. Given that AWS provides the most complete and mature cloud ecosystem with a strong security focus, Solaris and AWS are a perfect fit.
AWS offers more than forty ready-to-use security-related services, which no traditional on-premise datacenter can compete with.
Nonetheless, leveraging this potential requires expert resources with their know-how and long-term expertise.
solution
Alice&Bob.Company accompanied Solaris, leveraging the power and capabilities of these security services, in order to further enhance their overall security posture.
Derived from agile threat modeling workshops, Alice&Bob covered and optimized several aspects of cybersecurity:
Top priority was setting up intrusion & DDoS prevention. This also included the implementation of continuous auditing service. AWS cloud services like GuardDuty, Shield, Config and Lambda have been prepared, set up, arranged and implemented, in order to protect accounts and workloads with intelligent threat detection and automated incident response.
Furthermore, the focus laid on the improvement of the Identity and Access Management (IAM). Service Control Policies (SCPs) helped to effectively manage and control guardrails consistently across the different accounts.
To spread the knowledge around the organization Alice&Bob enabled and trained the team on the freshly implemented features. With their very experienced and 100% certified team, Alice&Bob delivered custom trainings on AWS security as well as on AWS basics. This helped Solaris to reinforce their security culture and accelerate their AWS cloud migration.
CLOUD TECHNOLOGIES
EC2, EKS, Fargate, IAM, SCPs, Guard Duty, Shield, Config, Lambda, CloudTrail, CloudFormation
Integration & enablement - Alice&Bob.Company cultivated DevSecOps and cloud technology competency across several product teams!
RESULT
Security became an inherent component of Solaris’ CI/CD pipelines. More specific: with every code update released for their products, several automatic audits, vulnerability scans and compliance checks are evoked automatically.
Thereby security controls are embedded into every phase of the software development process, making Solaris’ products secure by design. Solaris’ security has undergone a “shift left”.
Our teams had very productive collaborations with Alice&Bob. They validated and improved our architecture and design decisions, with a strong perspective on security. I really appreciate their in-depth technical knowledge and experience, combined with their passionate 'can-do-attitude'.
RELATED SERVICES
THREAT MODELING WORKSHOP
Use this threat and risk based methodology to
identify and evaluate threats to your
digital product. We conduct an agile threat modeling workshop and help you to leverage the outcomes for your product development lifecycle.
SeCURITY CONSULTING
We’ve been the first AWS partner in DACH, focussing crystal clear on Cloud Security. We’re providing cloud security expert advice to C-level executives, management roles, product teams and engineers. We integrate and enable.