Kakaku.com, with headquarters in Tokyo, Japan, offers internet services that enhance online access to information. Kakaku.com serves a diverse group of clients with product offerings supporting multiple markets. For example, they deliver services for the price comparison site “Kakaku.com,” and improve usability for a restaurant discovery and reservation site, as well as providing information-retrieval services for a popular job search site. The company, which has over 20 years of service history, is currently supported by more than 20 subsidiaries, and its services support over 200 million unique visitors per month.
The IT team at Kakaku.com noticed that many IT departments lagged in their approach to adopting new technology. In contrast, Kakaku.com continuously studies technology trends in order to adopt new expertise faster. This strategy has served them well, as they were often able to exceed customer expectations through technology they had already deployed.
Members of Kakaku.com IT staff: Mr. Kanemoto, Mr. Sakagami, and Mr. Hashimoto
The adoption of container technology into the Kakaku.com development cycle is a great example of their proactive approach. A goal was set to speed its development process and deploy applications faster – without sacrificing security. Kakaku.com management quickly identified microservices application architecture, container workload environments, and Kubernetes on-prem as the best way to make this happen. However, a critical issue emerged during its planning phase; How to guarantee complete security in its containerized environment? Kakaku.com realized that threats could bypass static container image scanning at the build stage, so it was essential to secure the production environment with a comprehensive, end-to-end solution.
Although Kakaku.com found many security products that provided container image scanning before deployment, very few products could guarantee security seamlessly from development through deployment. Fortunately, during product evaluations, they discovered the Aqua cloud native security platform. Aqua provides container and cloud native application security over the entire application lifecycle – including runtime. Additionally, Kakaku.com learned that a reputable local technology vendor/reseller, Creationline Inc., had Kubernetes experience, as well as being a local technical representative for Aqua. It was the perfect match.
Kakaku.com was impressed with Aqua’s range of security features and the fact that Kakaku.com’s containers could run safely on Kubernetes. Based on its successful evaluation of Aqua, and pre-existing relationship with Creationline, Kakaku.com began operations using Kubernetes on-prem with Aqua on a comprehensive employment recruitment and search site. This combination effectively created a new development process that perfectly integrated security processes into Kakaku.com’s Development and Operations processes.
The new process, using GitLab, Kubernetes, and Aqua, enables enhanced operational efficiency and security. And is optimized to provide automation during application development through operations – while supporting a seamless progression of security measures. For instance, they now have an image scanner built into its CI/CD, and runtime protection using Aqua Enforcers during operation.
Using the security flow supported by Aqua, when an application developer pushes code to Git’s application repository, the CI/CD initiates a scan. If issues are found, security and operations personnel would be notified automatically.
Kakaku.com also relies on Aqua for threat detection and blocking, visualization, and meeting compliance requirements. Aqua was initially brought in for Kubernetes on-prem, but now cover all Kakaku.com system environments, such as Linux and Windows containers, cloud and on-premises deployment, orchestration tools, and multi-tenancy.
With Aqua, Kakaku.com had the perfect solution for their Kubernetes on-premises:
As time passed, the positive results from using Aqua were clear. During vulnerability screening operations, Kakaku.com can now automate its CI/CD to scan images with Aqua during the build to make sure there are no potential vulnerabilities – reducing or even eliminating human error. This provides for more reliable remediation and increased efficiency for Kakaku.com. Even if issues arise later, such as malware activity, Aqua detects and blocks it. Having the Aqua Vulnerability Scanner built into their CI/CD pipeline and Enforcers for runtime protection ensures that Kakaku.com can meet their security goals. Kakaku.com has found Aqua’s vulnerability detection to be rigorous and they appreciate that it provides related system information in context, with dependencies revised daily. They find the accuracy and continuous updating of Aqua’s security measures keep things current and improves reliability.
“Using Aqua makes it possible not only to perform a reliable scan before release
but also to prevent abuses after.”
Kazuki Hashimoto – Kakaku.com 1st Infrastructure Service Team
Aqua was also effective in terms of improving operational efficiency. Based on Kakaku.com’s conventional manual scanning process, image scanning that used to take almost an hour has been reduced to about 10 minutes. In fact, they have improved operational efficiency by 6x. Kakaku.com expects efficiency gains to become even greater as it adopts more services.
“I feel that we were able to realize DevSecOps that truly integrated development and operations with security,”
Ryo Sakagami – Kakaku.com 1st Infrastructure Service Team
With the addition of Aqua, the company believes they have taken an important step toward complete security for all the services they offer. Motivated by its initial success, Kakaku.com expects to expand the use of containers in the future.
With security throughout the development lifecycle, Aqua empowers Kakaku.com to: