A Knight in Shining Armor
Naturally, when vulnerabilities are found, developers and companies turn to the resources they trust to extract best practices and solutions that have worked in the past or for others. This process, when done manually, is painful, and the stories of survival are never ones willingly retold. The narrative is changing, though. A knight in shining armor has arrived in the form of an automated cloud security auditing and monitoring tool. Its name? CloudSploit.
CloudSploit has read-only access to the configuration metadata about cloud resources. Using their open source battery of tests, CloudSploit audits the configured state of services in search of potential misconfigurations that lead to security breaches, and to monitor activity in the accounts in real-time for suspicious behavior and insider threats. This service can be securely set up in less than two minutes and fully-managed from the start; open castle doors are never left unnoticed.
All Heads are Better than One
CloudSploit is a company built on the foundational mantra that all heads are better than one. It is for this reason that from the very beginning, the company’s choice to be Open Source was a strategic decision rather than a happy accident. Every day additions and advancements are made to existing clouds, services, and security, for good and for bad. As a result, new responses and solutions must be identified to incorporate into the CloudSploit product as well. As evidenced by their receiving the Cox Automotive award in 2018 for “Simplicity, Speed & Agility,” the team at CloudSploit has known all along that in order to build a business of best practices, they can never fair the journey alone.
The Only Option
Competitors with greater resources existed in the market, and more closed-source companies were starting to crowd the space. CloudSploit recognized that greater visibility could be gained by selling through Amazon Web Service Marketplace, gaining access to thousands of customers with dedicated AWS spends, simplified contracts and billing, and one-click deployment. While this increased visibility was attractive, getting their service ready for AWS Marketplace would mean diverting their efforts away from building those products. The one thing that CloudSploit knew they could not sacrifice was their foundational core value that the quality of contribution should always supersede the quantity of contribution. The team built their expertise around security and remained focused on what they do best. In a time of growing demand yet shrinking overall awareness, the CloudSploit team was stuck in a conundrum; the choice felt like one between risk of extinction due to loss of product and resource focus or risk of extinction due to loss of product and resource awareness. So for their AWS Marketplace efforts, they chose the third option and turned to Tackle.
“I can do marketing things, but that does not make me a marketer”
– Josh Rosenthal, Founder, CloudSploit
For many, the choice of Tackle might seem creative, but for CloudSploit, a company built on the principle of broadening the box of solutions for a more well-rounded view and informed decision rather than having to think outside of the box, the choice was obvious. In a time of need, CloudSploit did what they ask their customers to do – they did what was best for their company and turned to the experts at Tackle.
Tackle’s Upstream SaaS platform makes listing on AWS Marketplace quick and simple, reducing what is normally a months-long API integration process into a matter of days. Tackle streamlines the sales process, with a customized registration portal allowing customers like CloudSploit to gather a wealth of customer data post-purchase, plus Upstream handles error reporting with multiple checks performed daily to ensure accuracy of the sales data. In addition to the product, Tackle has built a library of best practices relating to AWS Marketplace, giving customers the playbook to accelerate their sales cycle and succeed on the Marketplace.
As the business co-founder of CloudSploit, Josh Rosenthal, explained, “Tackle not only has the framework needed, the process needed to work on that framework, and the expertise to present [CloudSploit’s] strengths when getting listed on the framework, the team at Tackle also has the deeper technical knowledge on how to do more than just get listed—to use all the functionality and to collaborate across our product and the partners that we have.” By turning to Tackle, CloudSploit had a packaged product offering, marketing, and go-to-market strategy created and implemented in a matter of weeks. Since the long-term partnership with Tackle has formed, CloudSploit has been able to noticeably unseed their multi-million-dollar competitors at large, international organizations; becoming the vendor of choice for over ten thousand scan results daily.
Thanks to Tackle Upstream, CloudSploit can continue to provide their customers with thorough audits of their data security, while trusting that Tackle is there to help them navigate the marketplace so they don’t have to divert their focus. When security experts like CloudSploit partner with AWS Marketplace experts like Tackle, everybody wins.