Rapid7 Case Studies InsightCloudSec Facilitates Continuous Multi-Cloud Security for CoStar Amid Mergers and Acquisitions

Edit This Case Study Record

	InsightCloudSec Facilitates Continuous Multi-Cloud Security for CoStar Amid Mergers and Acquisitions Rapid7

InsightCloudSec Facilitates Continuous Multi-Cloud Security for CoStar Amid Mergers and Acquisitions

Rapid7

Technology Category	Cybersecurity & Privacy - Cloud Security Cybersecurity & Privacy - Security Compliance
Applicable Industries	Equipment & Machinery National Security & Defense
Applicable Functions	Product Research & Development Quality Assurance
Use Cases	Leasing Finance Automation Tamper Detection
Services	Cloud Planning, Design & Implementation Services Cybersecurity Services
Challenge	CoStar Group, a leading provider of commercial real estate information, analytics, and online marketplaces, has been expanding its reach through mergers and acquisitions (M&A). As of October 1, 2019, CoStar has spent approximately $2 billion acquiring a total of 27 organizations, each with a unique cloud presence and varying levels of cloud competency. The challenge for CoStar is ensuring the security and compliance of its constantly growing and evolving cloud footprint, which spans across Amazon Web Services (AWS), Microsoft Azure, and Google Cloud Platform (GCP). When growing through M&A, CoStar must be able to understand the cyber risk of the acquisition target, integrate the newly acquired resources, and maintain the ability of these acquired entities to accelerate innovation through the use of cloud services without the loss of control. Read More
About Customer	CoStar Group is a leading provider of commercial real estate information, analytics, and online marketplaces. They conduct expansive, ongoing research to produce and maintain the largest and most comprehensive database of commercial real estate information. Their suite of online services, which include Apartments.com, LoopNet, Lands of America, BizBuySell, and many more, enable clients to analyze, interpret, and gain unmatched insight into property values, market conditions, and current availabilities. To expand their reach, CoStar supplements its core products with complementary services and capabilities through mergers and acquisitions. They have an estimated revenue of $1.2 billion. Read More
Solution	CoStar selected the InsightCloudSec platform to establish and maintain comprehensive security for their multi-cloud environment. When acquiring a new company through M&A, CoStar uses InsightCloudSec as part of its onboarding. This onboarding process integrates key infrastructure and cloud service provider security tools, InsightCloudSec, and other third-party tools. Using InsightCloudSec’s Badges and non-invasive Insights as part of their onboarding process, CoStar has immediate visibility of how a new cloud environment scores against their security baseline. If any of the new environments do not meet CoStar’s security or compliance requirements, InsightCloudSec will automate remediation. After using InsightCloudSec to align the new cloud environments with CoStar’s cloud security requirements and validating proper configuration, CoStar integrates cloud account authentication and authorization into its Active Directory. Once the new environments are fully integrated, InsightCloudSec continues to provide critical data, continuous monitoring, and automated remediation while integrating with many of CoStar’s tools. Read More Log in to view content
Contents

Technology Category

Cybersecurity & Privacy - Cloud Security

Cybersecurity & Privacy - Security Compliance

Applicable Industries

Equipment & Machinery

National Security & Defense

Applicable Functions

Product Research & Development

Quality Assurance

Use Cases

Leasing Finance Automation

Tamper Detection

Services

Cloud Planning, Design & Implementation Services

Cybersecurity Services

Challenge

CoStar Group, a leading provider of commercial real estate information, analytics, and online marketplaces, has been expanding its reach through mergers and acquisitions (M&A). As of October 1, 2019, CoStar has spent approximately $2 billion acquiring a total of 27 organizations, each with a unique cloud presence and varying levels of cloud competency. The challenge for CoStar is ensuring the security and compliance of its constantly growing and evolving cloud footprint, which spans across Amazon Web Services (AWS), Microsoft Azure, and Google Cloud Platform (GCP). When growing through M&A, CoStar must be able to understand the cyber risk of the acquisition target, integrate the newly acquired resources, and maintain the ability of these acquired entities to accelerate innovation through the use of cloud services without the loss of control.

About Customer

CoStar Group is a leading provider of commercial real estate information, analytics, and online marketplaces. They conduct expansive, ongoing research to produce and maintain the largest and most comprehensive database of commercial real estate information. Their suite of online services, which include Apartments.com, LoopNet, Lands of America, BizBuySell, and many more, enable clients to analyze, interpret, and gain unmatched insight into property values, market conditions, and current availabilities. To expand their reach, CoStar supplements its core products with complementary services and capabilities through mergers and acquisitions. They have an estimated revenue of $1.2 billion.

Solution

CoStar selected the InsightCloudSec platform to establish and maintain comprehensive security for their multi-cloud environment. When acquiring a new company through M&A, CoStar uses InsightCloudSec as part of its onboarding. This onboarding process integrates key infrastructure and cloud service provider security tools, InsightCloudSec, and other third-party tools. Using InsightCloudSec’s Badges and non-invasive Insights as part of their onboarding process, CoStar has immediate visibility of how a new cloud environment scores against their security baseline. If any of the new environments do not meet CoStar’s security or compliance requirements, InsightCloudSec will automate remediation. After using InsightCloudSec to align the new cloud environments with CoStar’s cloud security requirements and validating proper configuration, CoStar integrates cloud account authentication and authorization into its Active Directory. Once the new environments are fully integrated, InsightCloudSec continues to provide critical data, continuous monitoring, and automated remediation while integrating with many of CoStar’s tools.

Impact #1	InsightCloudSec has enabled CoStar to create a standardized security baseline across products, business units, and cloud service providers. Without InsightCloudSec, CoStar would have to manually aggregate resources and resolve security issues between AWS, Azure, and GCP. InsightCloudSec automatically alerts the CoStar security team of misconfigurations, and in some circumstances, corrects issues automatically. Without InsightCloudSec’s automation, CoStar’s pace would slow and its vulnerability to risk would rise. Through continued collaboration, InsightCloudSec has delivered several features that extend beyond CoStar’s primary goal of achieving rigorous security while driving innovation and growth. InsightCloudSec has become a cornerstone of CoStar’s cloud strategy, which, in turn, supplements their ability to synergize with agile, innovative companies that complement the brand.

Impact #1

InsightCloudSec has enabled CoStar to create a standardized security baseline across products, business units, and cloud service providers. Without InsightCloudSec, CoStar would have to manually aggregate resources and resolve security issues between AWS, Azure, and GCP. InsightCloudSec automatically alerts the CoStar security team of misconfigurations, and in some circumstances, corrects issues automatically. Without InsightCloudSec’s automation, CoStar’s pace would slow and its vulnerability to risk would rise. Through continued collaboration, InsightCloudSec has delivered several features that extend beyond CoStar’s primary goal of achieving rigorous security while driving innovation and growth. InsightCloudSec has become a cornerstone of CoStar’s cloud strategy, which, in turn, supplements their ability to synergize with agile, innovative companies that complement the brand.

Benefit #1	InsightCloudSec completes the onboarding process within about 10 minutes
Benefit #2	Detection and automated remediation can begin in as little as 30 seconds
Benefit #3	CoStar has spent approximately $2 billion acquiring a total of 27 organizations

Benefit #1

InsightCloudSec completes the onboarding process within about 10 minutes

Benefit #2

Detection and automated remediation can begin in as little as 30 seconds

Benefit #3

CoStar has spent approximately $2 billion acquiring a total of 27 organizations

Download PDF Version

Overview

InsightCloudSec Facilitates Continuous Multi-Cloud Security for CoStar Amid Mergers and Acquisitions

Operational Impact

Quantitative Benefit