When looking to advance its cloud security, Agoda’s Application Security team sought to:
Lower the overall organizational cost for maintaining the growing cloud assets while keeping them secure
Reduce the MTTR (Mean Time to Resolve) for cloud security findings
Streamline the process related to human interaction / involvement (as resolving cloud security issues requires interaction with multiple software development and DevOps teams spread across multiple countries and timezones)
Operate the solution successfully with a geographically-distributed team, limited resources, skills and time
Connect the Cloud Security program to the SOC Continuous Vulnerability Management Program, leveraging the existing Vulnerability Management dashboard, resulting in less overhead in managing data conversion
Torq Hyperautomation integrates tightly with Agoda’s Cloud Security Posture Management solution, Wiz, and additional components in Agoda’s security stack. The findings detected by Wiz flow into Torq’s hyperautomated workflows, which orchestrate the set of activities required to enrich and classify the findings and drive them to resolution.
The main challenge originated from the complexity of the organizational structure. It involved a team of cloud security specialists (architects) who act as security owners and consultants to multiple projects, which are owned, in turn, by geographically dispersed teams. All of them worked across significant time differences.
With this approach, the Agoda Application Security team has implemented the following processes:
Automated Oversight of Cloud Security Posture Trends With Orchestrated Pipeline
The solution was to introduce a shared notification and orchestration pipeline, outlining the critical issues for handling and orchestrating the remediation lifecycle with the involvement of engineering teams owning the relevant assets.
Automatic “Blast Radius” Analysis and Security Issue Prioritization
The solution was to automate the checking of a finding’s “context” by automating the Wiz Security Graph and additional Attack Surface Management data, and to prioritize the severity and criticality of findings in a “close to real-time” fashion without human involvement.
With Torq, Agoda’s Application Security Architects managed to improve their processes and drive cloud security issues to resolution, while gaining the following important benefits:
Streamlining processes that would take two-to-three weeks to converge (from the identification of a Cloud Security Posture issue to complete resolution and verification) to near real-time. It turned “bi-weekly cadences” into a continuous pipeline that promotes handling of important issues without delay.
Allowing a small security team of architects aligned to multiple projects to handle large amounts of tasks, focus on critical findings, and reduce alert fatigue.
The following benefits were achieved through Torq Hyperautomation:
Reduced time from idea to production, due to Torq’s intuitive experience
Building hyperautomation strategies that consolidate people, processes, and technologies into coherent solutions
Raising the confidence in analysis and prioritization of security issues
Improving the SLA for security issues resolution and strengthening of cloud security posture