Bayad, multi-channel payment platform in the Philippines, will be securing its digital wallet platform with Aqua Security’s cloud native application protection platform (CNAPP).
Bayad is a subsidiary of the Manila Electric Company (Meralco) and has been investing in cloud native application methodologies, using container and serverless technologies to increase agility, scalability, and resilience of key applications. To overcome some of the security challenges associated with the shift to cloud native applications, Bayad sought to elevate its standard for cloud native security.
“Given Bayad’s direction for cloud adaptation, we had to prioritize security controls in this new environment to ensure that the environment remains secure and intact,” said Mel Migriño, CISO, Meralco Group. “We selected Aqua because it offers the capabilities that best match our environment from containers all the way to serverless.”
Leveraging Aqua’s platform, Bayad can assess security risks in the pipeline before applications get pushed into production. This includes detecting and remediating vulnerabilities in container images and serverless functions, security misconfigurations in cloud environments, and the presence of hidden secrets and sensitive data in application artifacts.
“With Aqua, we now have visibility on the vulnerabilities of our cloud native applications, and it helps us prioritize remediation, so our Security Operations team is not overwhelmed,” said Migriño.
The Aqua Platform is also used to extend security controls into production environments, where Aqua detects and prevents anomalous or disallowed behaviors at runtime. Bayad now adheres to industry best practices and compliance requirements, supporting principles of least privilege, detecting anomalies at runtime, and hardening cloud infrastructure.
“Highly regulated industries demand compliance and visibility,” said Robert D’Amico, Area vice president for Asia Pacific and Japan. “Aqua’s platform enables Bayad to enforce compliance across the entire application lifecycle and stop cloud native attacks. We’re thrilled to have partnered with Bayad to allow the team to reach its vision for compliance with industry requirements, greater security of critical applications and protection of sensitive business and customer data.”