Signal Sciences is making “smart security for the modern web.” The company – whose founding team ran security at ecommerce site Etsy – helps customers get visibility into security threats and provides insights to prioritize security resources to address attacks as they occur. With greater visibility and coverage, security teams are able to make informed decisions and confidently run their business’ web applications.
Overcoming the challenges around timely security incident management and resolution
Zane Lackey, founder and Chief Security Officer (CSO) at Signal Sciences is the executive responsible for the organization’s entire security posture. Securing customer data, protecting their next generation web platform, and internally delivering a secure IT infrastructure is his focus. The company as a whole wanted to overcome challenges not only just around security incident management, but also around altering and resolution.
Issues around manually coordinating security incident management and response involved a great deal of effort and maintenance. “It wasn’t pretty! Previously at other companies, we had to build our own internal versions of PagerDuty to get alerts when critical security events were occurring,” said Lackey. “Time and resources would go towards developing and maintaining these home-grown solutions versus focusing on the security imperative. This wasn’t the best use of our time as security practitioners.” As a repeat customer, Lackey, was familiar with the pitfalls and wasted resources of running an environment without PagerDuty.
PagerDuty enables Signal Sciences to orchestrate the ideal response and reduce the impact of security incidents by notifying and recruiting the right people to address system anomalies. Signal Sciences has instant visibility into incident status and who is on call, unlimited escalation options, and the ability to recruit additional responders from any team. “PagerDuty helps us stay on top of our security posture and resolve security incidents faster and more consistently,” said Lackey.
Integrating with security monitoring and log management tools, PagerDuty provides a unified view across the entirety of security operations, with built-in triage and scheduling capabilities to ensure security teams work collaboratively to address anomalies quickly. “In a timely fashion, we want to ensure that there is a path of escalation and PagerDuty allows us to trust that nothing will slip through the cracks,” stated Lackey.
“PagerDuty helps us stay on top of our security posture and resolve security incidents faster and more consistently.”
– Zane Lackey, CSO, Signal Sciences
PagerDuty plays a key role when escalating and recruiting people as needed to help shorten mean-time-to acknowledge (MTTA) and mean-time-to-resolve (MTTR). PagerDuty combined with Signal Sciences own web application visibility and defense product has helped the company reduce its MTTR by getting subject matter experts to explore and investigate anomalies faster, which in turn keeps customer data and the IT infrastructure safe. PagerDuty allows Signal Sciences to be even more proactive versus reactive with investigations. In the end, the combination of Signal Sciences next-generation web application firewall and PagerDuty allows Signal Sciences to not only provide proactive response capabilities so their product and infrastructure are secure, but also provide the same measures to protect their customers.
Signal Sciences has experienced first hand the many benefits that implementing PagerDuty brings; including, notifying the right subject matter expert or team in time, escalating issues to the right expert when needed, and most importantly, giving teams the confidence that they will receive the critical information they need at the right time when necessary. “PagerDuty allows us to move quickly. Being able to react immediately helps us move our business faster,” said Lackey.