We recently spoke with Threat Stack customer Jameel Al-Aziz, DevOps/Software Engineer for 6sense, and developed the below case study that showcases how Al-Aziz and his team are using Threat Stack. Al-Aziz also details in the case study the company-wide benefits they are realizing, including a shortened sales cycle, by having a continuous security monitoring solution in place. Below is their story.
6sense is a B2B predictive intelligence engine for marketing and sales. Using a private network of billions of time-sensitive intent interactions, 6sense uncovers net-new prospects at every stage of the funnel and determines which existing prospects are in market to buy.
The Search for a Better Solution
When Jameel Al-Aziz isn’t scuba diving off the coast of Monterey and searching the ocean floor for treasure, he’s searching for ways to deliver speed, efficiency and security to his customers as a DevOps & Software Engineer for the fast growing, San Francisco based SaaS company, 6sense.
Coming off a successful B round of funding, 6sense has a bright future that is sure to see tremendous growth ahead. As such, they have built their infrastructure in the cloud with Amazon Web Services (AWS) where they have over 50 servers working to provide customers with a predictive intelligence engine that delivers actionable data to sales and marketing teams across the globe.
Faced with an infrastructure that is constantly growing due to increased demand, the task of keeping workloads and servers secure, compliant and protected while moving at the speed of DevOps is no easy task.
“Security is an incredibly hard and complex problem,” said Al-Aziz. “You can waste hours setting up IDS and audit rules, only to find out you missed something after it’s too late.” A small team with limited time and resources, 6sense was looking to avoid the weeks it would have taken to set up everything, tweak the rules, and develop a management framework. They needed something that could significantly reduce the learning curve associated with auditd and the typical IDS and that could tell them what is happening in real-time. With Threat Stack they are able to deploy an IDS, File Integrity Monitoring and Network Monitoring all with a one line command.
“Threat Stack not only provides a full security monitoring suite in a single affordable tool, it also goes beyond industry standard tools to give you incredibly detailed insight into the activity on your systems.” With the added bonus of being able to replay the TTY session, “you really can’t ask for much more!” said Al-Aziz. “I couldn’t find any vendors that remotely came close to what Threat Stack offered.”
“Setting up and configuring Threat Stack is as simple as a one-line command,” explained Al-Aziz. Once you have your policies in place, configuring a box to use that policy is simply a matter of including a single parameter to that one-line command. Gone are the days of configuring complicated snort rules!
Achieving Peace of Mind
Since Threat Stack detects previously unknown network activity, Al-Aziz is now able to quickly monitor, audit and harden rogue processes and default system processes that would otherwise go undetected. “Threat Stack has truly helped us understand how our systems interact with their host OS and with each other and we can define strict rules of what is allowed both on the file system and the network.”
Al-Aziz and team now have peace of mind that if someone breached their systems, not only would they know about it, they’d have a full audit trail. “It allows us to know that despite passing vulnerability scans, should someone use a previously unknown vulnerability to access customer data, we will know about it.”
Meeting SOC 2 Compliance
“The most compelling piece about Threat Stack is we were able to greatly simplify the SOC 2 Type 1 certification process by providing Threat Stack as evidence of our security policies in practice,” said Al-Aziz. First, they were able to use Threat Stack as evidence of their incident response policy. More importantly, 6sense uses Threat Stack as their sole piece of evidence for tools and protocols for monitoring all network level and system level activities.
“The evidence was incredibly easy to obtain through the UI and we were also able to forego the network vulnerability scan requirement by stating that Threat Stack was continuously running and scanning for network activity,” explained Al-Aziz.
Committed to Protecting Customers
“Our contracts stipulate a strong degree of security, and Threat Stack allows us to honor that commitment," said Al-Aziz. 6sense now uses Threat Stack to speed up security audits when on-boarding new customers, giving them the peace of mind that their data will remain secure.
Al-Aziz sums it up best when he says, “If you truly want to protect your assets, it’s best to pay for a solution built by experts.” For the full version of the case stidy, click below.
If you are interested in deploying Threat Stack’s security monitoring solution for your business, click below or contact us today at firstname.lastname@example.org.