PsyInnovations Achieves Serverless Governance with PureSec

THE CHALLENGE

wayForward, the flagship product of PsyInnovations, is a mental and emotional wellness service built on the AWS Lambda serverless platform. PsyInnovations wanted to add security controls and gain visibility into the security posture of its serverless applications. However, application-layer protection solutions designed for traditional applications did not meet these needs and could not be deployed on a serverless architecture.

RESULTS

  1. Increased visibility into serverless applications, their threats and suspicious function invocations.
  2. Enhanced security posture by integrating the PureSec serverless security platform into PsyInnovations' CI/CD pipeline.
  3. Enhanced resiliency against cyber-attacks by protecting serverless functions with PureSec’s runtime protection technology.
  4. Dramatically reduced security administrative overhead compared to traditional application security solutions.
  5. Increased awareness among developers and architects of serverless security and best practices.

OVERVIEW

wayForward, the flagship product of PsyInnovations, is a mental and emotional wellness service that helps battle stress-related issues at both an individual and organizational level. The program can be tailored to B2C users (individuals dealing with stress, anxiety and other personal issues) and B2B users (companies addressing employee concerns like job stress, work conflict, career pressure etc.) and, depending on their requirements, can be delivered either digitally (via the app or website) or physically (through sessions, workshops and counseling).

PsyInnovations sought to enable the secure usage of serverless applications, control access, meet compliance regulations, protect data, and reduce security management costs and burden. wayForward's AWS Lambda functions handle sensitive customer data, which needs to be properly secured.

“We needed to control our serverless applications, and needed the ability to give developers the freedom to build cutting-edge, innovative serverless applications, while making sure that these applications are secure. PureSec Serverless Security Platform made it possible.” Stan Miroshnikov, CTO and Co-Founder at PsyInnovations

SEARCHING FOR A SOLUTION

The PsyInnovations Cloud Security team outlined the criteria for a new security solution. “We were looking for a serverless security solution that could provide visibility, runtime protection, policy enforcement, and hardening of the security posture of serverless functions. PureSec was the only solution that could answer to our requirements.

“Traditional application security solutions were unsuitable given that they need to be installed on infrastructure, which is not possible in serverless. Moreover, existing solutions are not built with proper support for inspecting cloud-native events and protecting functions against serverless risks.” Stan Miroshnikov

THE SOLUTION

PureSec’s serverless security platform provides multi-layer threat protection for serverless architectures on AWS. The platform is designed exclusively for serverless applications and defends against known and unknown attacks. In addition, its security posture analysis capabilities help PsyInnovations developers follow AWS IAM (Identity and Access Management) best practices and reduce the effort involved in achieving least-privileged security policies.

EASY DEPLOYMENT AND INTEGRATION

PsyInnovations deployed PureSec Serverless Security Platform in less than an hour. The PureSec runtime protection library did not increase function latency in a meaningful way, thanks to its small footprint and high performance. Integrating the security posture analysis into the CI/CD pipeline produced several security recommendations, which the development team fixed within a short time, and helped PsyInnovations deploy more resilient code from the get-go.

A penetration test performed on the function demonstrated how the attacks were blocked by the PureSec runtime protection, and the PureSec web console showed security alerts with forensic data, providing full visibility into security incidents.


*** This is a Security Bloggers Network syndicated blog from PureSec Blog authored by Ory Segal, PureSec CTO. Read the original post at: https://www.puresec.io/blog/psyinnovations-achieves-serverless-governance-with-puresec