Case Study

Cuebiq implements DevSecOps at scale with Prisma Cloud


Cutting-edge offline intelligence and measurement company Cuebiq uses Prisma Cloud to integrate security at every phase of development, run 10 scans a day in their Kubernetes® environment, and simplify compliance.


In brief

Customer

Cuebiq

Industry

Marketing and Advertising

Country

United States of America and Italy

Products and Services

Data sourcing and analysis tools and services


Challenge

Security team sought automation and integration to better protect their cloud infrastructure and reduce the task load for their team.

Requirements
  • Needed a solution that could manage security risks with less manual effort
  • Needed to integrate with its existing SIEM tool
  • Needed to support the company’s advance toward DevSecOps
Solution

Cuebiq selected Prisma® Cloud by Palo Alto Networks to automate tasks, extend visibility, and protect its wealth of data.

Download PDF Share

At the forefront of industry privacy standards

Cuebiq’s platform, Clara, uses location-based data to show how marketing activities influence consumer behavior. The company is at the forefront of industry privacy standards: Clara uses a future-proof privacy framework in its data collection and is one of the very first location providers to be certified by the Network Advertising Initiative (NAI), a leading privacy organization.

Cuebiq has a wealth of data that needs to be carefully protected, and new features are released regularly. Clara runs on Kubernetes, and the team needed a dedicated tool to address container security.

quote

Prisma Cloud helps our company reach the concept of DevSecOps, where we assess security in every phase of development. If any vulnerability or flaw is discovered, we patch it before going into production.

– Nicola Mutti, Head of Security, Cuebiq

Prisma Cloud

CHALLENGE

Security team sought automation and integration

Cuebiq’s security team is responsible for hardening, securing, and monitoring containers and Kubernetes. Together with Site Reliability Engineering (SRE), the team supports a DevOps organization of nearly 100 people.

The team needed a solution that could manage security risks with less manual effort, integrate with its existing SIEM tool, and support the company’s advance toward DevSecOps.

REQUIREMENTS

A data company requires careful protection and consistent coverage

Because Cuebiq relies on the careful protection of its vast resources of data, new features are released regularly, and Clara runs on Kubernetes, the team needed a dedicated tool to address container security. Additionally, Cuebiq needed a solution that could manage security risks with less manual effort as these new features are released. As the company advanced toward DevSecOps, Cuebiq also needed to integrate with its existing SIEM tool. It was important that the DevOps team was also able to maintain agility in the development process.

SOLUTION

Prisma Cloud reduces manual tasks and extends visibility

The security team uses Prisma Cloud as a primary tool in hardening the Kubernetes environment. Team members now run 10 scans per day to look for vulnerabilities, inspect traffic between containers, and block malicious requests. Prisma Cloud allows the team to integrate security at every phase of development. With real-time monitoring, it’s easy to discover and address any vulnerability or flaw before it goes into production. This, in turn, is helping the entire company move toward a DevSecOps culture and ultimately stay secure.

The team also appreciates simplified compliance in scanning for misconfigurations. Because certain security controls can be automated, management and remediation are easier for a team with many other responsibilities. Cuebiq integrated the platform directly with its existing SIEM, creating a central location for all security events—a fundamental requirement of the security vendor search.

Nicola Mutti, head of security for Cuebiq, says that Prisma Cloud provides “an incredible overall picture of everything developed in our environment. In a single pane of glass, we have everything under control.” By adopting Prisma Cloud, Cuebiq shortened the overall time between vulnerability discovery and remediation. Mutti and his team can now perform near-real-time assessments and gain a better understanding of what needs to be done to fix any issues.

BENEFITS

Prisma Cloud has helped Cuebiq in numerous ways, allowing the team to

Incorporate security in the CI/CD pipeline so they can discover and address any flaws in their containers before the issues go into production.

Integrate with existing SIEM, creating a central location for managing cloud native security events.

Shorten time to remediation using a single pane of glass to get a broader picture rooted in context. Real-time monitoring and risk prioritization speed up discovery and remediation dramatically.

Reduce task load for the security team by automating security controls, freeing them up to focus on higher priority tasks.

With Prisma Cloud, the Cuebiq engineering team can confidently identify and assess security vulnerabilities before putting code into production.

Mutti and the security team appreciate what Prisma Cloud has done for their current processes, and they’re thrilled they don’t have to manage multiple security tools anymore. In the near future, they also plan to assess the platform’s forensic capabilities, using Incident Explorer and the timeline view of security audits to help them enhance their internal capabilities.

To learn more about how Prisma Cloud can support your security processes, visit paloaltonetworks.com/prisma/cloud.