Dawn Foods x Capital One Client Story

Dawn Foods, Inc

Shifting Security to the Left and Fortifying GCP Environment of Manufacturer’s eCommerce Site
INDUSTRY
Food and Beverage
PRODUCTS
Bakery ingredients and products
LOCATION
Renton, WA
ANNUAL REVENUE
$1.3B

Dawn Foods, Inc logo

PLATFORM

Google Cloud

 

ASSIGNMENT

Perform a security review of client’s Software Development Lifecycle (SDLC) processes as well as an architecture review of their eCommerce platform’s GCP environment, then help shift security practices “to the left “ in the development process while fortifying their cloud environment.

Project Challenges

ECommerce stores are a high value target for malicious actors looking to cause havoc, and Dawn Foods recognizes that securing their cloud infrastructure is a top priority to protect their customer’s data. ScaleSec is a Premier Google Cloud Consulting Partner that has been recognized for cloud security expertise and was a natural fit to work side-by-side with Dawn Foods to secure their Google Cloud Platform presence.

Overview

Dawn Foods is a leader in the Bakery Product Manufacturing Industry that recently built a robust, feature rich business-to-business digital ordering system on Google Cloud Platform (GCP). The B2B ordering system leverages many GCP managed services which take advantage of Google’s secure infrastructure, but there are still areas which Dawn Foods must secure and perform due diligence in relation to best practices to increase their cloud security posture.

Insight

Dawn Foods understands and acknowledges the criticality of security in the cloud and selected ScaleSec to perform a security review of their Software Development Lifecycle (SDLC) processes as well as an architecture review of their GCP environment.

Services Provided

ScaleSec performed two assessments for Dawn Foods, Inc: a GCP security review and a SDLC secure architecture review. The GCP security review was conducted collaboratively with Dawn Foods and covered areas such as Cloud Logging, Google Kubernetes Engine (GKE), Google Compute Engine (GCE), and secret management in the cloud.

The SDLC secure architecture review focused on build and deployment processes and procedures, Dawn Food’s organization and culture in relation to development practices, insight and visibility into the SDLC, as well as the GCP infrastructure used to support the build pipelines.

Results / Impact / Highlights

ScaleSec was able to provide tailored recommendations in order to bolster Dawn Foods’ security posture in GCP and enhance their current SDLC practices. Together with Dawn Foods, ScaleSec was able to “shift security to the left” by highlighting areas of improvement in the build and deployment pipelines for the business-to-business digital ordering system. This included analysis as “far left” as security-focused unit testing and as “far right” as continuous monitoring, alerting, and guidance on how to automate remediations for sub-second protection.

ScaleSec was able to provide short, medium, and long-term goals and actionable recommendations that provided immediate security enhancements as well as a roadmap for a more mature GCP environment for Dawn Foods.
bg-woman-phone-1221911038
"ScaleSec was able to provide short, medium, and long-term goals and actionable recommendations that provided immediate security enhancements as well as a roadmap for a more mature GCP environment."
AnonDawn Foods, Inc

Want to speak with a ScaleSec expert?

Want to optimize and transform your existing digital portfolio? Reach out to us.