With 2,000 employees at 13 global offices, Mimecast is transforming email and collaboration security for more than 40,000 organizations, protecting them against malicious activity, human error, and technology failure. Solutions include threat detection, awareness training, data retention, and more.
Reduces friction for developers and security teams
Creates efficiency throughout product development
Accelerates the software development process
Secures the cloud native environment
Increases business growth and productivity
Zscaler’s CNAPP is a fully integrated solution that allows us to cross-correlate better contextual analyses and fine-tune decision-making.
Employees make mistakes, technology fails, and engineers misconfigure applications. Cloud-first cybersecurity provider Mimecast works with organizations to mitigate the risk of these types of errors setting the stage for cyberattacks.
Mimecast had long run most of its SaaS offerings in its private cloud, consisting of globally distributed data centers. When the company made the strategic decision to embark on its own digital transformation journey, they began to incrementally shift product development to a cloud native environment. Mimecast’s engineering groups had to quickly learn new tools and processes for building cloud native products at speed.
At the same time, the security team asked: How can we support speed of development without sacrificing security or becoming a bottleneck?
“This is what drove our search for tools and services that could empower both the security and engineering organizations to mitigate risks and support rapid product delivery with minimal friction,” said Dr. Adedayo Adetoye, Director of Security Architecture and Engineering. “We knew there would be errors and misconfigurations, so we sought out a solution that would enable engineers to deploy secure products, detect misconfigurations, and rightsize privileges.”
He found the situational awareness and quick detection he was looking for in the Zscaler CNAPP.
Overprovisioned privileges and permissions are among the top drivers of compromise in organizations worldwide. Such oversights early in the development process can easily go unchecked and lead to serious cybersecurity issues when applications and solutions are rolled out.
As a cybersecurity professional, Dr. Adetoye was familiar with Zscaler, and when he looked into its cloud native application protection platform (CNAPP) solution, he determined it was a perfect fit. “Zscaler’s CNAPP solution gives us the advantage of not impeding our engineering team while they develop new products,” he said. “When something is misconfigured, we can detect it quickly and remediate the issue.”
Engineering teams want to move fast. Rather than delay their progress, Adetoye strove to remove as much friction from the process as possible while still maintaining a strong security posture. As a result of the Zscaler CNAPP’s integration with the integrated development environments (IDEs) and SecOps ecosystems, alerts can be generated during the development process, and teams can act on them immediately.
These triggers let the team know about workflow violations, compliance issues, and misconfigurations at each stage of the DevSecOps cycle. “Our engineers were familiar with the on-premises cloud environment, so switching to cloud native meant there were a lot of new tools to learn in a fast-paced environment,” Adetoye noted. “CNAPP acts as a failsafe for learning on the job.”
Mimecast’s teams focus on providing security support, guidance, and policy rather than managing infrastructure. With that in mind, any solution they consider needs to be based on an application programming interface (API) for ease of deployment.
The API-first approach allows Mimecast to do what they do best while Zscaler manages operations. “We prioritized API first, and Zscaler made it so easy for us. Implementing CNAPP was as simple as a single click—a script was deployed, and we were up and running,” Adetoye explained.
Once deployed, the Zscaler CNAPP gave the Mimecast team increased situational awareness. The CNAPP API integration gave them immediate and unprecedented visibility into the state of their cloud.
“The integration was seamless. My goal is to reduce friction as much as possible at every stage, and that’s exactly what Zscaler has done for us,” added Adetoye.
In the early days of Mimecast’s cloud native migration, the team leaned heavily on the Zscaler CNAPP’s cloud security posture management (CSPM) and cloud infrastructure entitlement management (CIEM) capabilities to reduce their observe, orient, decide, and act (OODA) loop for detecting misconfigurations and ensuring right-sized access levels. As their process matured, they were able to leverage the full scope of the Zscaler CNAPP’s capabilities.
Adetoye discovered an opportunity to assess risk within the developers' workflows. With Zscaler’s CNAPP, Mimecast can proactively shift left—move security earlier in the development process—and detect issues in the continuous integration and continuous deployment (CI/CD) pipeline.
“This process of infrastructure as code enables the engineers and reduces the cost of secure product development because issues are detected and fixed earlier,” Adetoye observed.
Bringing all these capabilities (CSPM, CIEM, IaC, CI/CD) together in a fully integrated platform gives the security team a single-pane-of-glass view that is easy to deploy and administer.
“Zscaler’s CNAPP goes beyond the baseline requirements of a modern DevSecOps organization. The additional capabilities for threat-informed attack surface management, risk posture assessment, and managed incident response services equip us with a well-rounded cybersecurity program in the cloud,” said Adetoye.
A key factor that sets the Zscaler CNAPP apart is the integration of threat intelligence from ThreatLabz—Zscaler’s global threat research team—and the best-in-class data security solution built into the world’s largest security cloud, the Zscaler Zero Trust Exchange. Proactively identifying and addressing risks as well as quickly pinpointing where sensitive data resides is helping Mimecast advance and evolve its journey to a cloud native environment.
“The integration between threat intelligence data from the wider Zscaler ecosystem into the CNAPP product allows us to detect threats sooner—for example, a container that may be communicating with a command-and-control system,” explained Adetoye.
Integration, fusion, cross-correlation of data, and extensive telemetry from the Zscaler ecosystem are critical for more accurate risk determination.
From the outset, the Mimecast team saw that these capabilities were important drivers of the company’s growth and productivity. “Integration with threat intelligence feeds and risk-based prioritization allows the team to focus on the most important issues. Security needs near-real-time detection of threats, along with the ability to apply guardrails in the form of policies as code—and that’s what Zscaler gives us,” said Adetoye.
Adetoye found that Zscaler’s CNAPP is a fully integrated solution that facilitates a smooth remediation feedback loop between the security and engineering teams. Rather than struggle with context-switching between tools that don’t talk to each other, the teams can get everything they need in a single view.
“CNAPP’s fully integrated solution allows us to cross-correlate better contextual analyses and fine-tune decision-making,” Adetoye said.
Perhaps the biggest surprise came when the engineering teams began using the product proactively.
“[T]he engineering teams have not seen the CNAPP tool as security’s tool, but rather a tool to help them self-serve and validate their solutions before there is a problem. They also have a vested interest in ensuring that their product is secure and is not the vector through which the company suffers an incident,” Adetoye explained.
Mimecast hopes IaC capabilities will transform the relationship between engineering and security teams into a true partnership. The IaC feature embedded in the developers’ IDEs acts as a copilot, advising developers of best practices and organization-wide policies.
“We see great upside for gains in productivity and opportunities to prevent issues from leaking into production with CNAPP’s IaC capabilities,” said Adetoye.
The team is also excited about the Zscaler CNAPP’s CI/CD preventive controls. The potential to deliver the best possible quality in Mimecast’s products will contribute to greater efficiencies overall.
The ability to detect misconfigurations in near-real time with the Zscaler CNAPP gives Mimecast’s engineering teams more flexibility. By prioritizing ease of use and workflow support, Mimecast looks forward to the different ways CNAPP will improve productivity and relationships between its internal organizations.