How RAD Security Saved One Customer $300K a Year in Cloud Spending and Became a Business Enabler
Jimmy Mesta
CTO
Recently, one of our customers in the financial services sector shared with us that RAD Security had helped them save over $300,000 a year in cloud spending. What they shared can be summarized into three common themes that we believe may help other customers, too:
The Cost of In-Security
The first category of cost savings our customer experienced can be characterized by two old adages: "if it ain’t broke, don’t fix it" and "there’s nothing more permanent than a temporary solution."
All changes, whether minor patches or major architectural reworks, come with costs and risks. When you need to support legacy software that may not handle change gracefully, and you have an imperative to avoid operational disruption, the incentives in your engineering decision making may favor more technical debt in exchange for current (perceived) stability. This is the kind of situation our customer found itself in. In their specific case, the technical debt took the form of remaining on an older version of managed Kubernetes at their cloud provider. This version was no longer available for new deployments and could only receive cloud provider support by paying additional fees. However, there are plenty of other ways this same type of conundrum could manifest: complicated networking architectures, redundant data layers, “lift and shift” workloads, etc. These decisions carry multiple costs: financial, technical, and security.
The security considerations are ultimately what turned the tide in this particular case. RAD Security was able to highlight several security risks, including some un-patchable CVEs, which made this technical debt no longer tenable. When the customer followed RAD’s advice to upgrade to a more recent version of Kubernetes, they also reaped some significant cost savings by dropping those extra support fees.
We raise this story to note something that isn’t always considered when evaluating security risks: “accepting” or deferring a security risk can often carry additional financial cost. In cases like these, security not only provides protection to the organization, it also acts as a business enabler by freeing up needed resources.
Tool Consolidation Saves Resources of All Kinds
The second category of savings our customer experienced further illustrates this point.
We’ve all experienced the proliferation of security agents or tools in IT environments. For example: tools to analyze network traffic, monitor endpoints for suspicious behavior, scan those same endpoints for malware, scan them again for file integrity violations and again for misconfigurations; agents to collect logs; agents to prevent sensitive data being shared outside the organization; agents to provide access to company resources; and so on. Each of these tools comes with a cost, whether that be licensing fees, infrastructure requirements, staff power, or a combination of all three. Perhaps most impactful, though, is the cost in attention for your security team. Simply put, the more places you need to look to spot a potential problem, the more likely you are to miss one. The resulting blind spots redound to the benefit of attackers, who may avoid detection not because the tooling didn’t exist to find them but because the attention didn’t exist to watch the tooling.


