Arkose Labs Beats the Bots
with 6-to-1 Tool Consolidation
and 20% Cost Savings

Company Overview

We’ve all seen them. There are “good” bots – the ones we rely on to search and find things on the internet. And there are “bad” bots – the ones that launch credential stuffing attacks, execute account takeovers, steal intellectual property, or perform SMS toll fraud. Bot mitigation is about identifying and blocking the unwanted or malicious bot traffic that hits applications or networks in order to reduce risk.

Established in 2015, Arkose Labs is a global leader in the fraud detection and prevention market – a market projected to grow to $141.75 billion by 2028. Its platform uses a combination of machine learning, behavioral analysis, and human intelligence to detect and mitigate bot attacks and fraudulent activities such as account takeovers and payment fraud.

Solutions

Reducing Spend by Consolidating Tools

With six solutions already in place – AWS GuardDuty, AWS Security Hub, AWS Config, Tenable, SentinelOne, and Lacework – Arkose Labs seized the opportunity to consolidate its cloud security tools. The objective was to manage vulnerability, security posture, and compliance, and to protect against intrusions in all cloud environments across workloads and cloud services with a single platform. Arkose Labs found its answer in Sysdig Secure.

Sysdig Secure takes a comprehensive approach to cloud security by rooting everything it does in its unique runtime insights. Sysdig helps organizations improve security posture by focusing on the vulnerabilities, misconfigurations, and compliance gaps that create the greatest risk. With Sysdig Secure, Arkose Labs can detect threats in real time, prioritize the vulnerabilities that matter, and fix them fast with context.

“We first looked at Sysdig for its container runtime security,” Bourgault explained, “but when we actually opened up the hood and looked around, we realized that the solution offered quite a lot more than we ever imagined. Basing everything Sysdig does on runtime insights enables faster threat detection, better vulnerability management, better cost optimization, and ultimately, better security posture.”

It was this revelation that drove Arkose to replace multiple solutions with Sysdig, netting the company an overall cost savings of more than 20%. “With Sysdig, we consolidated six tools to one, saving both time and money,” Bourgault said.

As a leading cloud-native application protection platform (CNAPP), Sysdig provides visibility and protection to applications from build through runtime. In addition to saving money, choosing a solution that provides end-to-end detection reduces complexity and improves the developer experience.

The Right Blend of Human Expertise and Artificial Intelligence

“When we looked at Sysdig’s roadmap, we explicitly asked, ‘What are you going to do in the next five years?’” Bourgault said. “Other cloud security vendors we were evaluating were going in a direction that we either already covered, or didn’t feel was right for Arkose – basically a lot of black-box ideas that didn’t suit what we believe in as a company.”

“Sysdig offers a customizable platform where we can be straightforward and write our own rules,” he explained. “And if something isn’t working, we can go figure it out. Sysdig is the exact blend of human expertise and artificial intelligence that allows us to properly protect against unknown threats – and that’s where our philosophies are perfectly aligned.”

Saying Goodbye to the Bystander Effect

“We’ve all heard the phrase, ‘Security is everyone’s responsibility’,” Arrowsmith said. “But there’s also something called the ‘bystander effect,’ whereby everyone thinks security is someone else’s job.” In the past, an Arkose Labs team member would find an issue, but there was no visibility into whether it had already been reported. As a result, it would either go unreported, or there would be multiple reports of the same issue.

“Production data was scattered around all regions and environments, and we were dealing with a lot of load,” he continued. “Every time we got a new server, we would have security issues, and there was a tremendous amount of noise hitting both the security team and the developers. It was a bit chaotic, and the noise hid the true risk.”

With insight into in-use risk exposure with Sysdig, Arkose Labs no longer has this challenge. Sysdig eliminates noise and prioritizes vulnerabilities based on runtime insights. “The number and complexity of vulnerabilities can be overwhelming in cloud-native environments,” Arrowsmith explained. “We knew that AWS tools could only take us so far. Based on criteria we set, Sysdig bubbles up what poses the greatest risk so we can prioritize what needs to be addressed immediately versus later.”

By focusing on what has in-use risk exposure, Sysdig can cut vulnerability noise by 95%.

Energizing the Arkose Security Culture

For Arkose Labs, a key to scaling its security strategy has been giving developers the tools and insights they need to prioritize where to focus time and effort to address security issues. With Sysdig, Arkose Labs teams are easily able to get a good view of security posture and compliance, as well as report quickly on the entire pipeline’s dependencies. Arkose Labs is equipped to act fast and reassure customers that their supply chain is not at risk when new threats emerge, like they did with Log4j.

“Having a tool that takes action is important to us,” Arrowsmith said. “Our engineers don’t need to waste time researching and prioritizing their patching. Sysdig does it for them.” Instead of reacting to security regressions after deployment, issues are picked up automatically – even before code review takes place. “Now our teams are able to focus on what they do best,” Arrowsmith concluded, “delivering solutions that help our customers protect against online fraud and account security.”

Visit arkoselabs.com to learn more about Arkose Labs.