Fidelis Security Case Studies Xero Chooses Cloudpassage Halo for Workload Security at Devops Speed

Edit This Case Study Record

	Xero Chooses Cloudpassage Halo for Workload Security at Devops Speed Fidelis Security

Xero Chooses Cloudpassage Halo for Workload Security at Devops Speed

Fidelis Security

Technology Category	Cybersecurity & Privacy - Cloud Security Infrastructure as a Service (IaaS) - Cloud Computing
Applicable Industries	Software
Applicable Functions	Discrete Manufacturing Product Research & Development
Use Cases	Cybersecurity Manufacturing System Automation
Services	Cloud Planning, Design & Implementation Services Cybersecurity Services
Challenge	In 2014, Xero was experiencing strong growth and needed new technologies to support their next wave of growth. They needed technologies that would enable fast scalability, fast infrastructure deployment, and automated security. Xero solved the first two challenges by moving their IT infrastructure from a traditional outsourced datacenter environment to a public cloud environment— Amazon Web Services. However, finding a security system that was fully automated and could keep up with their fast-paced DevOps environment was a challenge. Most IT security products on the market would not perform efficiently in such an environment. Xero’s lead security architect, Aaron McKeown, wanted to provide Xero’s DevOps teams with a set of strong security controls that could be baked into their DevOps processes, not bolted on after the fact. Read More
About Customer	Xero is a company that develops cloud-based accounting software for small and medium-sized businesses. They have over 860,000 subscribers in more than 180 countries, and their software accounts for over $1 trillion of incoming and outgoing transactions per year. In 2014, after several years of strong growth, Xero knew that they needed some new technologies to support their next wave of growth. Specifically, Xero needed technologies that would enable fast scalability, fast infrastructure deployment, and automated security. Read More
Solution	After a lengthy search for the right security tool, McKeown chose CloudPassage Halo. Halo met all of McKeown’s requirements, and then some. Built for speed, Halo is fully automated, everything from installation of agents all the way through to policy assignment, alerting ,and reporting. Halo’s architecture supports elastic operating environments and can scale just as fast as your operations teams can deploy new workloads. McKeown was able to realize his dream that developers would never need to log into the Halo security console. All operations could be done programatically through the API. Halo includes several different kinds of security controls that allowed McKeown to minimize the software attack surface, reduce the network attack surface, ensure that Xero’s workloads have not been compromised, and maintain compliance with PCI data regulations. Halo is able to transmit all of the information that it learns about the security posture of Xero’s workloads to Xero’s SIEM which is Splunk. Read More Log in to view content
Contents

Technology Category

Cybersecurity & Privacy - Cloud Security

Infrastructure as a Service (IaaS) - Cloud Computing

Applicable Industries

Software

Applicable Functions

Discrete Manufacturing

Product Research & Development

Use Cases

Cybersecurity

Manufacturing System Automation

Services

Cloud Planning, Design & Implementation Services

Cybersecurity Services

Challenge

In 2014, Xero was experiencing strong growth and needed new technologies to support their next wave of growth. They needed technologies that would enable fast scalability, fast infrastructure deployment, and automated security. Xero solved the first two challenges by moving their IT infrastructure from a traditional outsourced datacenter environment to a public cloud environment— Amazon Web Services. However, finding a security system that was fully automated and could keep up with their fast-paced DevOps environment was a challenge. Most IT security products on the market would not perform efficiently in such an environment. Xero’s lead security architect, Aaron McKeown, wanted to provide Xero’s DevOps teams with a set of strong security controls that could be baked into their DevOps processes, not bolted on after the fact.

About Customer

Xero is a company that develops cloud-based accounting software for small and medium-sized businesses. They have over 860,000 subscribers in more than 180 countries, and their software accounts for over $1 trillion of incoming and outgoing transactions per year. In 2014, after several years of strong growth, Xero knew that they needed some new technologies to support their next wave of growth. Specifically, Xero needed technologies that would enable fast scalability, fast infrastructure deployment, and automated security.

Solution

After a lengthy search for the right security tool, McKeown chose CloudPassage Halo. Halo met all of McKeown’s requirements, and then some. Built for speed, Halo is fully automated, everything from installation of agents all the way through to policy assignment, alerting ,and reporting. Halo’s architecture supports elastic operating environments and can scale just as fast as your operations teams can deploy new workloads. McKeown was able to realize his dream that developers would never need to log into the Halo security console. All operations could be done programatically through the API. Halo includes several different kinds of security controls that allowed McKeown to minimize the software attack surface, reduce the network attack surface, ensure that Xero’s workloads have not been compromised, and maintain compliance with PCI data regulations. Halo is able to transmit all of the information that it learns about the security posture of Xero’s workloads to Xero’s SIEM which is Splunk.

Impact #1	Halo is easy to use. Working with CloudPassage, the Cloud Security Team at Xero quickly built up knowledge of the Halo platform, which was then turned into patterns and reference materials for the Xero product team. As a result, Halo was deployed as standard for all EC2 instances.
Impact #2	Xero has expanded the scope of deployment. Initially, Halo was deployed to core platform systems, but as product teams migrated to AWS the scope of deployment was increased.
Impact #3	Xero worked closely with CloudPassage to build a strong relationship and to achieve the outcome they needed. This was a shared journey for Xero and CloudPassage.

Impact #1

Halo is easy to use. Working with CloudPassage, the Cloud Security Team at Xero quickly built up knowledge of the Halo platform, which was then turned into patterns and reference materials for the Xero product team. As a result, Halo was deployed as standard for all EC2 instances.

Impact #2

Xero has expanded the scope of deployment. Initially, Halo was deployed to core platform systems, but as product teams migrated to AWS the scope of deployment was increased.

Impact #3

Xero worked closely with CloudPassage to build a strong relationship and to achieve the outcome they needed. This was a shared journey for Xero and CloudPassage.

Download PDF Version

Overview

Xero Chooses Cloudpassage Halo for Workload Security at Devops Speed

Operational Impact