Recently I had an opportunity to speak with Ryan Ivis, Manager of Security Architecture at Ping Identity. Over the course of our discussion, Ryan shared many valuable insights into his organization’s security challenges, their security goals, and some of the factors that led them to make Threat Stack’s Cloud Security Platform® a core component in their overall cloud security strategy. I’ve summarized the key points in the following article to help you see how your organization might benefit from Ping’s experiences.
“Threat Stack is a major factor in enabling us to gain security observability and control throughout our cloud environment. No company is really serverless right now, so when you have servers, you need host-based intrusion detection. And that means you need Threat Stack. It’s really that basic.” — Ryan Ivis, Manager of Security Architecture, Ping Identity
About Ping Identity
Ping Identity is an identity and access management company, founded in 2002 and headquartered in Denver, Colorado. Ping is a pioneer in helping enterprises achieve Zero Trust identity-defined security and more personalized, streamlined user experiences. The Ping Intelligent Identity™ platform gives customers, employees, partners and, increasingly, IoT, access to cloud, mobile, SaaS, and on-premises applications and APIs, while also managing identity and profile data at scale. With over 900 employees and a rapidly scaling environment, Ping has long been committed to the security of its own cloud environment as well as the security of its customers.
Ping’s Cloud Security Challenges
To ensure the security of their own workflows as well as the security of all services being passed on to their customers, Ping began implementing a well-known open source tool. They quickly determined, however, that the effort required to customize it to their specific security and operational needs would be unrealistic. They then began looking at alternate solutions, including Threat Stack, several of its competitors, and a number of open source solutions.
Why Ping Chose Threat Stack
Ping settled on Threat Stack given its powerful ability to address their core need for comprehensive security observability along with the need for continuous monitoring and the ability to distribute controls throughout their stack. The richness of Threat Stack’s data, the ability to enhance its usability through custom rulesets, and flexibility of consumption using the webhooks and API, enabled Ping to output alerts from the Threat Stack platform to their ELK stack. This allowed them to use Threat Stack data in existing workflows they are comfortable with (i.e., alert triage and incident remediation, remediation via Jira, vulnerability patching, and more). Finally, the fact that Threat Stack is lightweight and can be deployed at speed and scale made it all the more suited to Ping’s rigorous security and operational requirements.
Threat Stack has enabled Ping Identity to integrate security into all of its products and processes. Being able to achieve security observability through their entire stack, being able to continuously monitor all workloads, insert distributed controls, and generate rich, actionable data, has resulted in a significant reduction in both MTTK and MTTR, giving Ping the organization-wide security it needs, along with the ability to pass security on to its rapidly growing customer base. Moving forward, Threat Stack will remain a core element in Ping’s security strategy.
Final Words . . .
If you’re interested in finding out more about how Threat Stack can help your organization strengthen its security posture, sign up for a demo. Our experts will be pleased to discuss your specific compliance and cloud security requirements.