AWS re:Inforce 2024
How H2oai Bridges Runtime Build Time Intelligence for Security Nis307 S

Title: AWS re:Inforce 2024 - How H2O.ai bridges runtime & build time intelligence for security (NIS307-S)

Insights:

  • Introduction to H2O.ai and Upwind: H2O.ai is a leading AI company specializing in automated machine learning (ML) and trusted by over 20,000 organizations globally. Upwind is a cloud security platform that provides end-to-end security for cloud infrastructure.
  • H2O.ai's Security Challenges: Before partnering with Upwind, H2O.ai faced several issues with their previous cloud security solution, including high costs, a noisy and unclear user interface, and a lack of DevOps integration.
  • Advantages of Upwind: Upwind offers a more DevOps-oriented approach, making it easier for DevOps engineers to understand and act on security issues. Its installation is simpler, using an eBPF-based agent that requires minimal configuration.
  • Consolidation and Efficiency: Upwind's single-agent approach contrasts with the previous "agentless" solution, which required multiple components and was more complex to manage. The transition to Upwind took only 24 hours.
  • Breaking Down Silos: Upwind helps bridge the gap between security and DevOps teams by providing a unified platform that both teams can use, reducing the time from issue detection to resolution.
  • Contextual Awareness: Upwind's platform provides context for vulnerabilities, showing which are critical based on factors like active internet connections and privilege escalation risks. This helps prioritize and address the most significant threats.
  • End-to-End Visibility: Upwind offers comprehensive visibility into the cloud environment, including network connections, resource usage, and historical data, which is crucial for investigating past incidents.
  • API and Network Mapping: The platform provides detailed maps of network connections and API endpoints, helping to identify and mitigate potential security risks.
  • Identity Management: Upwind integrates human and non-human identities, providing visibility into permissions and roles, which is essential for maintaining least privilege access and compliance.
  • Cost and Resource Optimization: By consolidating multiple security tools into Upwind, H2O.ai reduced costs and simplified management, achieving a single pane of glass for security monitoring.
  • Developer Integration: Upwind integrates with CI/CD pipelines, providing developers with runtime context during build scans, which helps in identifying and mitigating risks early in the development process.
  • Continuous Improvement: The partnership between H2O.ai and Upwind is ongoing, with continuous enhancements to address emerging security challenges and support rapid AI development.

Quotes:

  • "Upwind talks the DevOps language. Upwind is more DevOps oriented and it is easier for DevOps engineers and platform engineers to understand what are the key takeaways from the platform."
  • "True story is it took us around 24 hours to uninstall and install Upwind."
  • "With Upwind, because they really talk DevOps and their infrastructure is more, their UI is more oriented to DevOps and is easier to understand and everything is in context."
  • "The main benefit in using Upwind is that everything is in context and is relevant to our environment."
  • "Using Upwind, we're basically able to assess what permissions each role has, each pod has. We can see if it has AWS permissions via the details that we can see on the screen."
  • "Previously, before we had Upwind, we knew we had a Notebook service but we didn't really know what was going on behind the scenes."
  • "With Upwind, we're able to bridge that gap. We're able to talk the same language, understand things better, and collaborate better on the platform."
  • "We always look at the price of the platform that we're buying. We have an early fee that we pay the platform, but we never look into the resources that it's consuming in AWS."
  • "Today, as it's easier to understand what's going on in our environment, our engagement is higher. With higher engagement, we understand better what's going on in our environment and we can easily understand what needs to be done."
  • "It's bringing the developer closer to the actual actions of what he's doing. The developer can easily see what's going to happen if he merges the PR, what's going to happen after we build and deploy."
  • "This is a must-have for us because as an AI company and in the AI realm, with Gen AI, we can't wind down and deploy things and do things slower. We have to stay on track and do things even faster today with all the buzz around AI and Gen AI."
How Fortinet Uses Aws Services to Deliver a Secure Cloud Experience Sec223 SHow Natwest Uses Aws Services to Manage Vulnerabilities at Scale Tdr201