Header Background Image

Case study

Building a microservices security platform

Cloud native
Cloud
Public clouds
Security
Monitoring & alerting
Full stack development

Client type

A start-up offering a security monitoring solution based on a service mesh

Business goal

Build a cloud-native microservices security platform to protect microservices effectively while giving the user a clear overview of all traffic

Our approach

  • Provide a team of software and DevOps engineers with experience in C++/Golang/Kubernetes, building cloud-native apps and security
  • Ensure smooth, close communication with the client, including weekly refinement meetings to define next steps and overall direction, daily sync meetings to discuss progress and solutions, communication on Slack channels
  • Maintain transparency and traceability via the Kanban board in Jira
  • Develop and provide unit and integration tests
  • Work with distributed teams: Gdańsk and Warsaw (Poland), Chennai (India), Palo Alto (USA)
Requirements

Business benefits

Requirements
  • Increased security: significant improvement of application security.
  • Quick reaction time: rapid detection of security threats and vulnerabilities.
  • Fewer errors: security policies are implemented automatically.
  • Better user experience: clear visualization of communication and dependencies between microservices.
  • Proactive approach: effective identification of PII leakage vulnerabilities.

Technical highlights

  • Mesh sidecars installed on client microservices to monitor all traffic.
  • Telemetry plugins collect all required information on the Client side.
  • Telemetry engine gets all required metadata, enhances it on the platform’s Controller side.
  • Analysis and views provided via dedicated web UI.
  • Security graph provides L4-L7+ visibility into workload interactions along with auto-discovery of API payloads.
  • A data flow map shows the flow of sensitive information in application environments.
  • Baselining and continuous drift detection sends alerts in real-time for any unsanctioned or anomalous application behavior.
  • Intelligent security analytics and preventive security controls at L7+.
Requirements

Technology stack

https://d33wubrfki0l68.cloudfront.net/d8a047215db69654f5051e38c9f6bb805fa17eea/b2dc0/img/go_logo.svg
https://d33wubrfki0l68.cloudfront.net/4294909c179a10e469c7cd96fa36822ccf8587ad/c3363/img/cpp_logo.svg
https://d33wubrfki0l68.cloudfront.net/82a49282c9ac0f7a4e6139749ba49ce3ca01ab9e/73a09/img/kubernetes_logo.svg
https://d33wubrfki0l68.cloudfront.net/3cebaabc9e4d49bf09844d0720c27a0b54f80f24/e0630/img/istio_service_mesh_logo.svg
https://d33wubrfki0l68.cloudfront.net/27bad1d529281fced5cc37e2b2ded95020e750f0/081a7/img/envoy_proxy_logo.svg
https://d33wubrfki0l68.cloudfront.net/e6de345699b42a50d101348818ad24d4a78e5690/48d46/img/ibm_cloud_logo.svg
https://d33wubrfki0l68.cloudfront.net/584c3d7724ccafea94b456b949268e8150ba1e13/caffb/img/circleci_logo.svg
https://d33wubrfki0l68.cloudfront.net/029e799cf6cf3ee5089ed3f3e2fdd0ff2be2ff37/2b6f7/img/terraform_logo.svg
https://d33wubrfki0l68.cloudfront.net/5419447265447c6cf5c68bb2ffaa811a29bf716d/63803/img/gcp_logo-1-.svg

Need support with your specific case?

For more information see our Privacy policy