Groupon deploys Wazuh to protect and monitor AWS
Industry: Electronic commerce
Groupon is an experiences marketplace where consumers discover fun things to do and local businesses thrive. It offers They offer their customers a wide selection of experiences at great values, and their merchants a reach to millions of consumers around the world.
For Groupon, security is vital. Its security team has been operating a full stack of security products to protect and monitor Amazon Web Services (AWS) and enhancing the security of the company.
Martin Petracca, the Information Technology Security Manager at Groupon,
was seeking an open source solution that could provide high customization and scalability in order to meet their needs.
After conducting an extensive evaluation of security solutions, Groupon selected the Wazuh platform. “Wazuh is the most comprehensive open source security solution, as it provides a wide range of capabilities, as well as integrations with other products and technologies such as AWS or VirusTotal”, said Martin.
In 2018, the Groupon security team started using Wazuh, gaining visibility and improving their security metrics while reducing costs. Furthermore, Wazuh has become their intrusion detection system of choice to comply with the Payment Card Industry Data Security Standard (PCI DSS).
“These wonderful open source tools like Wazuh allow us to obtain telemetry from multiple technologies, correlate events, and run investigations from a central management interface. Customization and integration with multiple tools are just some of the advantages of open source tools like this one”.
Martin Petracca, IT Security Manager
A key challenge for Groupon has been protecting and monitoringa very high volume of data from Amazon Web Services, without incurring prohibitive costs and allowing the solution to scale as necessary. The Groupon team sought clear security metrics, with good visibility and real-time monitoring in case of security incidents.
To accomplish this, they searched for an open source SIEM solution that allowed integration with other tools, particularly AWS. In Martin’s words, “there are multiple variables to verify before adopting an open source software, such as the existence of an active repository, the possibility of high customization, and professional support”.
Wazuh is a free, open source, and enterprise-ready security monitoring solution that offers integration with multiple tools.
“The integration of new solutions makes Wazuh, as the central monitoring tool it is, the perfect fit”
Martin Petracca, IT Security Manager
Wazuh is a free, open source, and enterprise-ready security monitoring solution that offers integration with multiple tools. “The integration of new solutions makes Wazuh, as the central monitoring tool it is, the perfect fit,” Martin said.
Furthermore, due to their scope of work, they required a solution that would allow high scalability, since “the number of agents needed could increase rapidly”.
For all these reasons they opted for Wazuh, which also allowed them to save costs, as “usually, SIEMs and other commercial cybersecurity products are very expensive”.
As a result, the Groupon security team have been able to achieve their goal of protecting and monitoring AWS services and improving their environment visibility with the Wazuh monitoring options, and all at a minimal cost.
Beyond this, Martin remarks that “not paying for a license is not the biggest advantage of using an open-source tool. It’s the customization, no vendor lock-in, source code available, scaling, community & support, and more.”
Along with Wazuh, Groupon chose other open source tools such as ELK, AWS native services, Prowler, and Cloudcustodian to achieve their goal, leveraging the high integration potential of Wazuh.
Need more information?
Our team will contact you soon