The customer
Kaltura, a New York based video technology company
Kaltura’s mission is to power any video experience for any organization. Kaltura is a video experience cloud which powers virtual events, communication, collaboration, learning, and entertainment for its users. Kaltura’s products are used by over 1,000 global enterprises, media companies, service providers, and educational institutions, engaging millions of viewers at home, work, and school.
Kaltura cloud-based, multi-region environment serves media at huge scale and throughputs, consisting of Terraform and helm structure. Kaltura’s Devops team works at a fast pace, constantly evolving and improving the system environment. The team has adopted the “shift left” approach to allow developers to take full responsibility for their code in each stage of the code life cycle.
Niv Shlomo, VP Platform at Kaltura
The Challenge:
Improving visibility, identifying, and eliminating misconfigurations.
The Platform and SecOps team at Kaltura wanted to improve visibility into their large production environment’s network, identity, permission, and service configurations in real-time. Furthermore, the team was looking for a solution that would help identify misconfigurations early in the development pipeline, show them in a contextual way, and fix them before they were deployed to a live production environment.
How Stream Security addresses Kaltura’s challenges:
Since Stream.Security has no agents and uses a frictionless built-in wizard, Kaltura was able to integrate their production environment within minutes. Within about an hour of scanning the environment for resource configurations, Stream displayed a live and continually updated visual representation of Kaltura’s production environment.
By providing the team with Event-driven impact analysis Stream.Security enables Kaltura to detect, verify, and visualize network, permissions, services connectivity, and exposure path misconfigurations across different accounts, VPCs, and regions at any given time.
Kaltura uses Stream.Security simulation for Terraform code as part of its infrastructure pipelines. Whenever someone pushes a new code, the simulation is used to test, validate, and verify what impact it will have on reachability, network connectivity, exposure paths, and accessibility. This enables the team to avoid downtime and security risks.
By integrating Stream.Security simulation within the infrastructure code pipeline, engineering teams can shorten and simplify the complex code review process, as well as reduce the number of mistakes that results in misconfigurations hitting the production environment.
Stream.Security allows Kaltura to move fast, delegate the Cloud infrastructure to the developers and helps Kaltura onboard new team members easily by visualizing any changes they make to the Kaltura eco-system, across all environments in Runtime and CI/CD cycles.
The tool gives visibility to Kaltura’s security teams to track and monitor all network and human activities, allowing them to investigate network and applicative paths.
Niv Shlomo, VP Platform at Kaltura
