Intelligent CIO APAC Issue 26 | Page 50

It ’ s becoming widely recognized that security needs to be prioritized at the earliest possible stage .
Mel Migriño , Meralco Group CISO
CodePipeline , AWS CodeBuild and Amazon Landing Zone .
• Ability to analyze container images and prioritize vulnerabilities for remediation .
• Ability to detect security risks in serverless functions , supporting Lambda and Fargate .
• Ability to detect , prevent and respond to anomalous activity at runtime .
“ Given Bayad ’ s direction for cloud adaptation ,” states Mel Migriño , Meralco Group CISO , “ we had to prioritize security controls in this new environment to ensure that the environment remains secure and intact .”
Bayad ’ s evaluation included market research to establish a viable short list of potential vendors , followed by providing requirements to candidates , collecting detailed responses from each and accomplishing a cost-benefit analysis .
Transformation . The chosen Aqua solutions and critical capabilities include :
• Container image vulnerability scanning
• Serverless function security scanning
• Cloud security posture management ( CSPM )
• Cloud workload protection and runtime security
• Risk-based insights ( vulnerability prioritization and triage )
• Flexible security policies with audit / enforce modes
• Deep integration with key Amazon solutions for DevOps
At inception , Bayad involved stakeholders from security , development and cloud deployment teams . Initial implementation activities were deliberate and gradual , accelerating for subsequent projects .
“ In the first application integration ,” explained Migriño , “ we held weekly project meetings and daily deployment and troubleshooting activities with the local Aqua partner to ensure the successful integration of the solution .”
With Aqua , Migriño and team are able to assess security risks in the pipeline before applications get pushed into production .
“ Based on the assessment of our team ,” continued Migriño , “ Aqua offers the capabilities that best match our environment from containers all the way to serverless .”
Additionally , the team regarded the strong solution competency and rapid response to communications by Aqua ’ s local partner as positively influential in heir evaluation .
The solution
Bayad selected Aqua ’ s cloud-native application protection platform to secure its Digital
This includes detecting and remediating vulnerabilities in container images and serverless functions , security misconfigurations in cloud environments , and the presence of hidden secrets and sensitive data in application artifacts .
Aqua is also being used to extend security controls into production environments , where Aqua detects and prevents anomalous or disallowed behaviors at runtime .
Additionally , Bayad is better prepared to adhere to industry best practices and compliance requirements , supporting principles of least privilege , detecting anomalies at runtime , and hardening cloud infrastructure .
“ Using the Aqua solution has helped prevent potential exposure of sensitive information , credentials , and keys that could have led to account takeover and system compromise ,” said Lawrence Ferrer , President and CEO .
As a result of their relationship with Aqua and its local partner , Bayad has realized its vision for greater security of critical applications , protection of sensitive business and customer data , and compliance with industry requirements .
“ With Aqua , we now have visibility on the vulnerabilities of our cloud-native applications ,” stated Migriño , “ and it
50 INTELLIGENTCIO APAC www . intelligentcio . com