Understanding the state of your cloud security posture and the steps you need to take to mitigate misconfigurations is crucial for maintaining a strong security posture. At Marketplacer, keeping up to date with the state of their infrastructure compliance as they progressed toward an ISO:27001 certification was proving to be a challenge.
As Marketplacer began to expand internationally and work with larger customers, the infrastructure and security team organized around the goal of becoming compliant with ISO:27001 in order to meet the requirements of these new customers. As a cloud-native organization running on AWS, cloud security posture was a core element they needed to track and maintain. However, visibility into this area was limited—developers were working in silos when it came to configuring resources, and lacked a centralized way to manage configurations across the organization.
“ Building a compliant and secure platform is a high priority for our customers. We want to be proactive with our security.”
Christian Kornacker
DevOps Lead, Marketplacer
Marketplacer increasingly saw the need for a solution that could help them detect and remediate misconfigurations within their AWS Cloud infrastructure and other issues quickly in a rapidly changing environment. Furthermore, as big proponents of infrastructure as code, they could easily provision large swathes of AWS resources with a single command—but they needed guardrails in place to help them understand how each deployment would affect both their security posture and adherence to ISO:27001.
They set out to find a Cloud Security Posture Management solution that could meet their growing needs, but they didn’t like the high expertise requirements, noisy alerting, and complexity of the first few platforms they explored.
Marketplacer ultimately chose Datadog because it gives the engineers on the infrastructure and security team the ability to drill down into security posture issues as they crop up, with links to resources on how to remediate them. Additionally, by leveraging Datadog’s AWS API based cloud integrations and deploying the unified Datadog agent on their EC2 hosts, Marketplacer can track the results of their configuration checks each time they deploy, so they can better compare their security posture status across releases, and find ways to move closer to ISO:27001 compliance.
“ Datadog is easy to use, but at the same time, very comprehensive. What I like about Datadog is that you don’t need to be a security or compliance expert to go through your misconfigurations and fix them across the team.”
Christian Kornacker
DevOps Lead, Marketplacer
Marketplacer leverages Datadog’s dashboards and executive reporting to get summaries and track conformance to specific industry benchmarking criteria. The out-of-the-box cloud configuration rules map to various benchmarks and relevant controls, making it easy for everyone across the company to understand and get value out of the platform. For a small but growing team, the dashboards and mitigation advice help reduce complexity. Marketplacer also sets up bespoke, actionable alerts for each team, enabling everyone to maximize the impact of time spent on monitoring and maintaining their security posture.
Each time Markerplacer updates or deploys new resources, the team can check their security posture dashboard in Datadog to see which resource configurations don’t match the available rules. Because Datadog provides rich context around those resources, the team can easily go back to their infrastructure as code definitions to mitigate any issues that arise that may impact their compliance.
“ Datadog is the best I’ve seen when it comes to alerting. We can drill down to only see the issues that matter and reduce the noise. Each alert tells us why it exists and what to do about it—which is particularly helpful if you’re a junior infrastructure engineer.”
Christian Kornacker
DevOps Lead, Marketplacer
Additionally, Datadog continuously scans and surveys every resource, no matter how short-lived, so Marketplacer can answer tough questions and identify the state of their security posture down to specific resources and time frames.
Cloud Security Posture Management is part of Datadog’s Cloud Security Management, which helps an organization protect its production environment with a full-stack offering providing threat detection, posture management, workload security, and application security.
Because Datadog Cloud Security Posture Management is fully integrated with the rest of the Datadog platform as well, the Marketplacer team can get a single unified view of their environment. They also leverage Datadog for APM and logging, with a focus on finding problems before they impact customers. With the addition of Cloud Security Posture Management, Datadog lets them bring that same focus to security.
With a Cloud Security Posture Management solution that not only gives them visibility into their security posture, but also enables them to find actionable industry recommendations for resolving issues, Marketplacer is seeing significant reductions in their MTTD and MTTR. As they move closer to ISO:27001 certification, Marketplacer has also been able to proactively address any issues that arise before they impact customers.
“ The speed and number of new configuration checks that Datadog adds on a regular basis is incredible. The trajectory of the product is so impressive.”
Christian Kornacker
DevOps Lead, Marketplacer
