About the customer
Emnify is a leading cellular communications provider in the IoT stack, connecting millions of IoT devices globally (like sensors, trackers, and smart appliances). The emnify platform offers features like real-time monitoring, provisioning, and management tools through a single API, all built on a cloud-native architecture called the ‘SuperNetwork’.
Large AWS footprint
With its infrastructure built on AWS, emnify has a large footprint on AWS with several hundreds of EC2 instances and dozens of AWS accounts.
Security requirements
Nader Erian, Staff Security Engineer at emnify, is part of a team led by Benoit Flippen, CISO at emnify, who oversees security operations. The team is responsible for the security of the emnify platform and ensuring that it meets the highest security and compliance standards.
Emnify needed a vulnerability management solution that would allow them to:
- Understand the risk level of each vulnerability detected across the different infrastructure layers.
- Automate information gathering for AWS infrastructure and associated vulnerabilities to improve the overall vulnerability management process and assist during audits such as SOC 2.
The emnify team started looking into possible solutions. Several options were evaluated based on requirements and cost considerations.
Solution: Mondoo
After evaluating different solutions, emnify selected Mondoo. Nader: “With Mondoo we can see vulnerability data and perform queries from a single platform. This allows us to make better and faster decisions. We also get visibility into the criticality of any missed patches so we know which ones need to be fixed first.”
Depth of data: The depth of data in Mondoo is very helpful to emnify. For instance, Mondoo shows any potential attack vectors, related advisories, and how the issue needs to be patched. It also shows the risk of the vulnerability based on factors such as exploitability, network exposure, ease of exploitation, and any compensating controls. This intelligence is crucial for emnify to assess overall criticality.
Remediation guidance: Another important aspect is that Mondoo shows exactly which packages are affected and which package upgrade would solve the problem. This reduces the amount of research needed to remediate the issue and results in a faster MTTR (Mean Time To Resolution).
“With Mondoo we can see vulnerability data and perform queries from a single platform, which allows us to make better and faster decisions”.
Nader Erian, Staff Security Engineer, emnify
Workspaces: Mondoo workspaces have also been useful to emnify: “The ability for R&D engineers to log into the platform with assigned roles has been valuable. It allows them to view their assets, identify vulnerable packages that require updates, and access proposed patches for different operating system versions, significantly improving remediation efforts.”
S3 Exporter: Nader adds that “Mondoo’s extensive integrations—especially the AWS S3 Exporter—have been essential in automating ticket creation for their R&D teams, accelerating the speed at which emnify can fix vulnerabilities”.
Results
With the Mondoo platform, emnify achieved the following results:
- Prioritization insights: The intelligence provided by Mondoo on discovered vulnerabilities—such as whether an exploit exists in the wild or if a vulnerability is known to be actively exploited—has been crucial in assessing overall criticality.
- Accelerated decision making: Mondoo has been instrumental in helping emnify identify vulnerabilities across assets and plays a key role in their vulnerability ticket generation process.
- Faster remediation: The above, combined with other valuable insights within the platform, have greatly helped emnify accelerate the resolution of vulnerabilities and ensure the most critical ones are fixed first.
The customer support we receive from Mondoo has been outstanding”.
Nader Erian, Staff Security Engineer, emnify
Conclusion
With Mondoo’s unified view into the vulnerabilities across emnify’s entire infrastructure, it’s now far easier for emnify to quickly understand the risk level of each issue and focus on fixing the most critical ones first. These insights also provided valuable support during audits such as for SOC 2 compliance.
“Beyond the product itself, the customer support we receive from Mondoo has been outstanding,” said Nader. “The team is highly responsive, dedicated, and cooperative, always willing to listen to our feedback and continuously improve the platform. Their willingness to implement the features we have requested has been very much appreciated and is a great plus to the product, reinforcing our trust in Mondoo as a partner in our security strategy.”
