Optimized client's security domains, assessed adherence to Google Cloud best practices, and implemented recommended remediations. Utilized Terraform for automated Infrastructure as Code (IAC) deployment and embraced a proactive DevSecOps approach for early vulnerability identification and remediation.
- Leverage Lab aims to expand the usability of customer data for its clients.
- Recognizing the importance of user data privacy and security, Leverage Lab prioritized enhancing its cloud security competency.
- The focus was on validating the security of existing Google Cloud workloads.
- The goal was to establish a secure foundation for scaling security processes as the GCP footprint grows.
Leverage Lab’s strategic focus on development means it is challenging to dedicate tactical resources to security tasks. ScaleSec’s ability to efficiently integrate security into the development lifecycle was a motivating factor for Leverage Lab. This operating model empowers Leverage Lab to better meet demand from their expanding customer base without adding more internal resources.
Following this assessment, the ScaleSec team worked with Leverage Lab engineers to implement many of the recommendations made in the assessment report. The ScaleSec team started by using Terraform to implement an automated Infrastructure as Code (IAC) deployment pipeline. Using IAC, the Leverage Lab and ScaleSec teams built repeatable, modular templates that could be reused across each environment. These modular templates were combined to create a “secure, foundational baseline” that could be further built upon.