Tracking Cloud Security Posture in a Dynamic Environment | Datadog
CASE STUDY

Tracking Cloud Security Posture in a Dynamic Environment

Learn how Datadog's Cloud Security Posture Management solution helps Marketplacer identify and remediate security posture issues in their infrastructure on their journey toward ISO:27001 certification

About Marketplacer

Established in 2017 in Australia, Marketplacer is a global technology platform-as-a-service (PaaS) company equipped with all the tools and functionality needed to build a successful and scalable online marketplace at speed. The Marketplacer platform exists to make growth simple. To date, the company has helped over 90 businesses execute their own successful marketplace strategies and connected over 20,000 businesses worldwide.


Key Results

Reduced MTTD and MTTR

Datadog helps Marketplacer reduce the time it takes to identify and mitigate compliance issues via easy filtering and remediation guidance.

Unified platform

CSPM is built on the unified Datadog Agent and cloud integrations, increasing operational efficiency and reducing cost.

600+ resources audited

With Datadog, Marketplacer gets live configuration check results on the 600+ resources so they can track their compliance over time.


Challenge

Marketplacer is pursuing ISO:27001 certification and needed a solution to help them identify issues and track their progress along that journey. They needed visibility into the state of their compliance across their dynamic environment, and across different points in time. With a small security team, they wanted an easy-to-use solution that wouldn’t induce alert fatigue or require a high barrier to entry.


Why Datadog?

Datadog offers Marketplacer a fully integrated Cloud Security Posture Management solution that enables everyone on their team to easily drill down into security posture issues and get actionable links to resources for mitigation.


Compliance Certification Held Back by Low Visibility

Understanding the state of your cloud security posture and the steps you need to take to mitigate misconfigurations is crucial for maintaining a strong security posture. At Marketplacer, keeping up to date with the state of their infrastructure compliance as they progressed toward an ISO:27001 certification was proving to be a challenge.

As Marketplacer began to expand internationally and work with larger customers, the infrastructure and security team organized around the goal of becoming compliant with ISO:27001 in order to meet the requirements of these new customers. As a cloud-native organization running on AWS, cloud security posture was a core element they needed to track and maintain. However, visibility into this area was limited—developers were working in silos when it came to configuring resources, and lacked a centralized way to manage configurations across the organization.

“ Building a compliant and secure platform is a high priority for our customers. We want to be proactive with our security.”

Christian Kornacker
DevOps Lead, Marketplacer

Marketplacer increasingly saw the need for a solution that could help them detect and remediate misconfigurations within their AWS Cloud infrastructure and other issues quickly in a rapidly changing environment. Furthermore, as big proponents of infrastructure as code, they could easily provision large swathes of AWS resources with a single command—but they needed guardrails in place to help them understand how each deployment would affect both their security posture and adherence to ISO:27001.

They set out to find a Cloud Security Posture Management solution that could meet their growing needs, but they didn’t like the high expertise requirements, noisy alerting, and complexity of the first few platforms they explored.

Actionable Security Posture Management the Entire Team Can Use

Marketplacer ultimately chose Datadog because it gives the engineers on the infrastructure and security team the ability to drill down into security posture issues as they crop up, with links to resources on how to remediate them. Additionally, by leveraging Datadog’s AWS API based cloud integrations and deploying the unified Datadog agent on their EC2 hosts, Marketplacer can track the results of their configuration checks each time they deploy, so they can better compare their security posture status across releases, and find ways to move closer to ISO:27001 compliance.

“ Datadog is easy to use, but at the same time, very comprehensive. What I like about Datadog is that you don’t need to be a security or compliance expert to go through your misconfigurations and fix them across the team.”

Christian Kornacker
DevOps Lead, Marketplacer

Marketplacer leverages Datadog’s dashboards and executive reporting to get summaries and track conformance to specific industry benchmarking criteria. The out-of-the-box cloud configuration rules map to various benchmarks and relevant controls, making it easy for everyone across the company to understand and get value out of the platform. For a small but growing team, the dashboards and mitigation advice help reduce complexity. Marketplacer also sets up bespoke, actionable alerts for each team, enabling everyone to maximize the impact of time spent on monitoring and maintaining their security posture.

Each time Markerplacer updates or deploys new resources, the team can check their security posture dashboard in Datadog to see which resource configurations don’t match the available rules. Because Datadog provides rich context around those resources, the team can easily go back to their infrastructure as code definitions to mitigate any issues that arise that may impact their compliance.

“ Datadog is the best I’ve seen when it comes to alerting. We can drill down to only see the issues that matter and reduce the noise. Each alert tells us why it exists and what to do about it—which is particularly helpful if you’re a junior infrastructure engineer.”

Christian Kornacker
DevOps Lead, Marketplacer

Additionally, Datadog continuously scans and surveys every resource, no matter how short-lived, so Marketplacer can answer tough questions and identify the state of their security posture down to specific resources and time frames.

Part of a Unified Platform

Cloud Security Posture Management is part of Datadog’s Cloud Security Management, which helps an organization protect its production environment with a full-stack offering providing threat detection, posture management, workload security, and application security.

Because Datadog Cloud Security Posture Management is fully integrated with the rest of the Datadog platform as well, the Marketplacer team can get a single unified view of their environment. They also leverage Datadog for APM and logging, with a focus on finding problems before they impact customers. With the addition of Cloud Security Posture Management, Datadog lets them bring that same focus to security.

Enabling Proactive Security Measures

With a Cloud Security Posture Management solution that not only gives them visibility into their security posture, but also enables them to find actionable industry recommendations for resolving issues, Marketplacer is seeing significant reductions in their MTTD and MTTR. As they move closer to ISO:27001 certification, Marketplacer has also been able to proactively address any issues that arise before they impact customers.

“ The speed and number of new configuration checks that Datadog adds on a regular basis is incredible. The trajectory of the product is so impressive.”

Christian Kornacker
DevOps Lead, Marketplacer

Resources

security-monitoring/security-hero-2

product

Datadog Cloud Security Posture Management
/blog/cloud-security-posture-management/CSPM-updated-hero

BLOG

Introducing Datadog Cloud Security Posture Management
/blog/aws-well-architected-compliance-monitoring/aws_well-architected_tool_compliance_monitoring_hero

BLOG

Integrate the AWS Well-Architected Tool with Datadog CSPM