How RSI Eliminated Noise, Addressed Shadow Infrastructures, and Ensured Compliance Excellence
Business Need
- Visibility into cloud instances and production workloads
- Identify, prioritize, and remediate vulnerabilities
- Comply with strict online gaming regulations in multiple regions around the world
- A partner to help securely modernize and migrate on-premises infrastructure to the cloud
Company Overview
Founded in 2012, Rush Street Interactive (RSI) supports some of the most recognized brands in online gaming, including BetRivers, PlaySugarHouse, and RushBet. From online casino games and social gaming to sports betting, RSI delivers to audiences around the world.
With a focus on leveraging cutting-edge technology and delivering exceptional customer service, Rush Street Interactive has rapidly grown its footprint in the competitive online gambling space. The company’s commitment to responsible gaming and regulatory compliance underscores its dedication to maintaining the highest standards of integrity and player protection.
Challenges
Moving Into Unfamiliar Territory
As part of an ongoing initiative to modernize its infrastructure, RSI undertook the transition of several of its production services.
“I talked to a lot of people specializing in Kubernetes security,” said the Infrastructure Security Engineer at RSI. “The common thread I found was that security monitoring for a Kubernetes environment is a huge undertaking, even with in-house knowledge. We decided that it would be far better to find a security partner with the expertise to help us.”
Prioritize What Matters
Although not within the initial scope of RSI’s Kubernetes project, the company recognized that it would also need a vulnerability management solution. It needed a more efficient way to distinguish medium, high, and critical vulnerabilities from low-impact ones so that the team could prioritize accordingly.
“We needed a way to reduce that noise and prioritize vulnerabilities,” said Olga Daminova, Senior Security Engineer at RSI.
Solutions
End-to-End Cloud Security
Within six weeks of partnering with Sysdig, RSI successfully deployed the Sysdig Platform as its cloud-native application protection platform (CNAPP), providing container and workload threat detection and vulnerability management. They also adopted Sysdig’s cloud security posture management (CSPM). Since then, RSI’s focus has broadened beyond Kubernetes, including leveraging Sysdig for cloud detection and response (CDR).
The company’s Kubernetes developers have integrated Sysdig into its development pipeline, and the database and DevOps teams have shown interest in the solution as well.
“In the past year, we’ve expanded Sysdig’s coverage to all of our production environments,” the Infrastructure Security Engineer said. “It has made an impact not just on the infrastructure team, but teams across the organization. We can now identify and assess vulnerabilities in various production environments, and so much more. That’s been incredibly valuable for us.”
Identify, Prioritize, Protect
With Sysdig, RSI’s Infrastructure Security team can now identify and prioritize vulnerabilities more efficiently. The platform’s Risk View feature has also helped them nearly eliminate the noise from vulnerability scans, allowing them to instantly see if a vulnerability is in use and which resources are exposed.
“I like that Sysdig can correlate different events and vulnerabilities in one place,” Daminova said. “Of course, context is only valuable if you can act on it,” she explained. “Sysdig enhances our cloud security processes to the extent that we can take decisive action. Without Sysdig, we estimate that we would need to at least double the size of our Infrastructure Security team.”
RSI now promptly addresses vulnerabilities, prioritizing them based on their criticality.
“We’ve had instances where we identified vulnerabilities that require immediate attention and remediation, like those within the SSH protocol,” she continued.
Sysdig Threat Research Team Uncovers SSH-Snake
SSH-Snake is an open source pen testing tool that attackers can use to map networks and collect SSH credentials. The malicious use of this self-modifying worm was originally discovered by the Sysdig Threat Research Team.
Complete Visibility in One Dashboard
In addition to security, RSI also uses Sysdig to monitor everything from usage and roles to users and events, all from a single dashboard thanks to the platform’s ability to ingest and correlate logs.
“Without Sysdig, it would be far more complicated to get the information we need,” Daminova said. “The solution provides us with a single pane of glass, giving us complete visibility into the state of our infrastructure.”
“Without Sysdig, we wouldn’t even know what we don’t know,” Daminova added. “We’d have no insight into what problems we need to address. But with Sysdig, all the information is right there in a single dashboard.”
Meeting Compliance Needs
Sysdig also supports RSI’s compliance efforts, with the platform’s results factored into audits.
“We get requests from various stakeholders asking for specific evidence to support compliance audits. Sysdig has made it much easier for us to provide that evidence quickly,” Daminova said.
Building a Lasting Partnership
The support from the Sysdig team has been immensely valuable to RSI, with the company finding the team both responsive to feature requests and attuned to its needs.
“Sysdig’s support team always responds quickly and professionally,” Daminova said.
Bolstered by this strong partnership, RSI is making ambitious plans for future use of Sysdig’s solutions. They intend to increase automation in their scans, and add image and security scanning for GitHub to streamline compliance at multiple levels. They are also keen on further automating security incident response.
Another major request is for expanded reporting, as more non-engineers within RSI have started expressing interest in Sysdig.
“Overall, Sysdig has been exceptional to work with,” she concluded. “The way they listen to and engage with us makes it clear they genuinely care about solving our challenges.”
To learn more about RSI, visit rushstreetinteractive.com.
About Sysdig
In the cloud, every second counts. Attacks unfold in minutes and security teams must protect the business without slowing it down. Sysdig, named Customers’ Choice in Gartner® “Voice of the Customer” report for Cloud-Native Application Protection Platforms (CNAPPs), stops cloud attacks in seconds and instantly detects changes in risk with real-time insights and open source Falco. Sysdig Sage™, the industry’s first AI cloud security analyst, uplevels human response and enables security, developers, and DevOps to work together, faster. By correlating signals across cloud workloads, identities, and services, Sysdig uncovers hidden attack paths and prioritizes real risk. From prevention to defense, Sysdig helps enterprises focus on what matters: innovation.
Sysdig. Secure Every Second.