Internet Services Provider Kakaku.com Improves Security and Operational Efficiency with Aqua

Company Name
Kakaku.com
Organization Size
201 - 500 Employees
Industry
Technology, Information and Internet
HQ
Tokyo, Japan

  

Technology Stack
    GitLab
    Kubernetes Clusters
    Linux Environment
    Microsoft Environment

Customer Overview

Kakaku.com, with headquarters in Tokyo, Japan, offers internet services that enhance online access to information. Kakaku.com serves a diverse group of clients with product offerings supporting multiple markets.  For example, they deliver services for the price comparison site “Kakaku.com,” and improve usability for a restaurant discovery and reservation site, as well as providing information-retrieval services for a popular job search site. The company, which has over 20 years of service history, is currently supported by more than 20 subsidiaries, and its services support over 200 million unique visitors per month.

The Challenge: Streamlining and securing container application lifecycles

The IT team at Kakaku.com noticed that many IT departments lagged in their approach to adopting new technology. In contrast, Kakaku.com continuously studies technology trends in order to adopt new expertise faster. This strategy has served them well, as they were often able to exceed customer expectations through technology they had already deployed.

Members of Kakaku.com IT staff: Mr. Kanemoto, Mr. Sakagami, and  Mr. Hashimoto

The adoption of container technology into the Kakaku.com development cycle is a great example of their proactive approach.  A goal was set to speed its development process and deploy applications faster – without sacrificing security. Kakaku.com management quickly identified microservices application architecture, container workload environments, and Kubernetes on-prem as the best way to make this happen. However, a critical issue emerged during its planning phase; How to guarantee complete security in its containerized environment? Kakaku.com realized that threats could bypass static container image scanning at the build stage, so it was essential to secure the production environment with a comprehensive, end-to-end solution.

“In recent years, Kubernetes has become the industry standard and the entire market seems to be heading there… we decided to strategically and proactively adopt container technology.”
Koji Kanemoto, General Manager of System Platform Department

The Solution: Security throughout the application lifecycle

Although Kakaku.com found many security products that provided container image scanning before deployment, very few products could guarantee security seamlessly from development through deployment. Fortunately, during product evaluations, they discovered the Aqua cloud native security platform. Aqua provides container and cloud native application security over the entire application lifecycle – including runtime. Additionally, Kakaku.com learned that a reputable local technology vendor/reseller, Creationline Inc., had Kubernetes experience, as well as being a local technical representative for Aqua. It was the perfect match.

Kakaku.com was impressed with Aqua’s range of security features and the fact that Kakaku.com’s containers could run safely on Kubernetes. Based on its successful evaluation of Aqua, and pre-existing relationship with Creationline, Kakaku.com began operations using Kubernetes on-prem with Aqua on a comprehensive employment recruitment and search site. This combination effectively created a new development process that perfectly integrated security processes into Kakaku.com’s Development and Operations processes.

The new process, using GitLab, Kubernetes, and Aqua, enables enhanced operational efficiency and security. And is optimized to provide automation during application development through operations – while supporting a seamless progression of security measures. For instance, they now have an image scanner built into its CI/CD, and runtime protection using Aqua Enforcers during operation.

Using the security flow supported by Aqua, when an application developer pushes code to Git’s application repository, the CI/CD initiates a scan. If issues are found, security and operations personnel would be notified automatically.

Kakaku.com also relies on Aqua for threat detection and blocking, visualization, and meeting compliance requirements. Aqua was initially brought in for Kubernetes on-prem, but now cover all Kakaku.com system environments, such as Linux and Windows containers, cloud and on-premises deployment, orchestration tools, and multi-tenancy.

With Aqua, Kakaku.com had the perfect solution for their Kubernetes on-premises:

  • Works seamlessly with their CI/CD pipeline
  • Provides automated security
  • Scans for any vulnerabilities during the build phase
  • Ensures container image integrity in their operating environment
  • Deploys easily on Kubernetes clusters for runtime security
  • Secures Linux and Windows environments
  • Realizes support through a local certified Aqua partner
"We initially thought that image scanning at build-time was the only security we needed. However, we soon realized that it’s essential to check for issues not only at the time of build but also in the actual operating environment."
Ryo Sakagami, 1st Infrastructure Service Team

Customer Benefits: Faster and more secure application development

As time passed, the positive results from using Aqua were clear. During vulnerability screening operations, Kakaku.com can now automate its CI/CD to scan images with Aqua during the build to make sure there are no potential vulnerabilities – reducing or even eliminating human error. This provides for more reliable remediation and increased efficiency for Kakaku.com. Even if issues arise later, such as malware activity, Aqua detects and blocks it. Having the Aqua Vulnerability Scanner built into their CI/CD pipeline and Enforcers for runtime protection ensures that Kakaku.com can meet their security goals. Kakaku.com has found Aqua’s vulnerability detection to be rigorous and they appreciate that it provides related system information in context, with dependencies revised daily. They find the accuracy and continuous updating of Aqua’s security measures keep things current and improves reliability.

“Using Aqua makes it possible not only to perform a reliable scan before release
but also to prevent abuses after.”
Kazuki Hashimoto – Kakaku.com 1st Infrastructure Service Team

Aqua was also effective in terms of improving operational efficiency. Based on Kakaku.com’s conventional manual scanning process, image scanning that used to take almost an hour has been reduced to about 10 minutes. In fact, they have improved operational efficiency by 6x. Kakaku.com expects efficiency gains to become even greater as it adopts more services.

“I feel that we were able to realize DevSecOps that truly integrated development and operations with security,”
Ryo Sakagami – Kakaku.com 1st Infrastructure Service Team

With the addition of Aqua, the company believes they have taken an important step toward complete security for all the services they offer. Motivated by its initial success, Kakaku.com expects to expand the use of containers in the future.

With security throughout the development lifecycle, Aqua empowers Kakaku.com to:

  • Employ security that is effective and easier to manage
  • Confidently detect vulnerabilities in images
  • Ensure security throughout Operations
  • Eliminate human error when addressing security tasks
  • Improve operational efficiency 6x
  • Provide a robust and consistent security response
"From now on, we plan on applying container technology using Kubernetes and Aqua, depending on the needs of each service."
Koji Kanemoto, General Manager of System Platform Department