Case Studies

Highfive Case Study

Issue link: https://resources.threatstack.com/i/1063247

Contents of this Issue

Navigation

Page 0 of 1

About Highfive A market leader in video conferencing technology, Highfive enables teams to collaborate from anywhere in the world. The company's Business Collaboration Platform combines web, audio, and video conferencing in a single, integrated platform. Given the nature of its business, it is essential that Highfive have a reliable and secure backend to guarantee an unparalleled user experience grounded in uninterrupted, high-quality audio and video. The Challenges Highfive takes a forward-thinking approach to developing and operating its infrastructure, which means continuously leveraging the latest technology on AWS to scale and remain compliant with SOC 2 and GDPR. As is common, the need to scale has presented a number of security challenges including those related to taking on larger enterprise customers, responding to increasingly complex security questionnaires and compliance audits, and ensuring zero gaps in security coverage as they transition to and operate in a more heavily containerized infrastructure. Gaining Visibility As Highfive's Head of Infrastructure, Jameel Al-Aziz has built a policy-driven team to ensure that the company can scale with confidence. It wasn't always that way, however: "When I joined Highfive back in 2015, the engineering culture was pretty Wild West," Jameel recalled with a laugh. "I needed a way to keep an eye on what everyone was doing across the entire infrastructure." Based on prior experience, Jameel knew that Threat Stack's Cloud Security Platform ® was the answer. By leveraging Threat Stack's integration with AWS, Highfive gained visibility into how their infrastructure team was leveraging AWS Services such as IAM, S3, and RDS. Then, by deploying Threat Stack host-based agents onto Highfive's EC2 hosts, they were able to visualize all activity across their entire infrastructure. The value of the agent was immediately evident when it revealed a team-wide practice whereby engineers were pulling files they wanted to work on down to local machines. "This was a huge red flag," Jameel said, "and the Data Exfiltration rules built into Threat Stack notified us immediately." As a result, the Threat Stack Secures Highfive's Evolving Infrastructure FOUNDED 2012 HEADQUARTERS Redwood City, CA INDUSTRY Video Conferencing EMPLOYEES 133 C A S E S T U DY

Articles in this issue

Links on this page

view archives of Case Studies - Highfive Case Study