CHALLENGES
Security with flexibility and ease of access
As Better grew, its larger scale brought increased security threats. The company wanted to mature its approach to threat detection and response and use automation to make its Security Operations Center (SOC) team more efficient and effective. “As we scaled up, we couldn’t keep up with all the threats that were coming in,” says Ali Khan, Chief Information Security Officer at Better. “A lot of them were rinse-and-repeat alerts. It’s not something we really needed a human for; you can automate this.”
From a business standpoint, Better also needed to ensure secure online access for customers and employees. In the wake of the COVID-19 pandemic, the company was intent on making a safe and secure transition to remote work for its employees. It had an existing virtual private network (VPN) but wanted a cloud-based solution that would be easier to scale and manage–and more accessible for users to adopt.
Securing data was another important priority. As a digital-first homeownership company, Better manages tremendous volumes of confidential, sensitive and highly valuable information. Customer Personal Identifiable Information (PII) and the company’s intellectual property (IP) had to be secured. Data loss prevention (DLP) from breaches or other incursions was another primary focus.
From a business standpoint, Better also needed to ensure secure online access for customers and employees. In the wake of the COVID-19 pandemic, the company was intent on making a safe and secure transition to remote work for its employees. It had an existing virtual private network (VPN) but wanted a cloud-based solution that would be easier to scale and manage–and more accessible for users to adopt.
Securing data was another important priority. As a digital-first homeownership company, Better manages tremendous volumes of confidential, sensitive and highly valuable information. Customer Personal Identifiable Information (PII) and the company’s intellectual property (IP) had to be secured. Data loss prevention (DLP) from breaches or other incursions was another primary focus.
“As we scaled up, we couldn’t keep up with all the threats that were coming in. A lot of them were rinse-and-repeat alerts. It’s not something we really needed a human for; you can automate this.”
Ali Khan
CISO,
Better Home & Finance
SOLUTION
Improved efficiency and enhanced security.
After positive discussions with Palo Alto Networks sales and technology teams, Better immediately recognized the value of Palo Alto Networks Next-Generation Firewalls. This led the company to confidently embark on its security journey with Palo Alto Networks, deploying the firewalls as the first step.
When Better was looking to replace its VPN, Palo Alto Networks came to mind again. An Executive Briefing Center session helped Better evaluate Prisma Access as a means of providing consistent security to its remote networks and mobile users. Prisma Access offers consolidated best-in-class and cloud-delivered Zero Trust Network Access (ZTNA) 2.0 security with the best user experience on a single unified platform. A proof of concept soon followed.
During this time, the COVID-19 pandemic ramped up. With help from Palo Alto Networks technical experts, Better was able to quickly and confidently pivot to remote work for its employees. Together, Better and Palo Alto Networks enabled secure access for the entire Better remote workforce in just one week and eventually scaled up to the entire staff. “Prisma Access allowed us to securely deliver our software solutions internally to our employees anywhere in the world,” Khan says. “That was a huge game changer.”
Next, Better reviewed its internal security systems and recognized an opportunity to update and reinforce its SOC with Cortex XDR. Simplifying SecOps with one solution for threat detection and response across all data and endpoints, Cortex XDR delivers enterprise-wide protection by analyzing data from any source to stop sophisticated attacks. As part of its review, Better conducted a four-week evaluation, during which its red team crafted custom-made malware to attack Cortex XDR. In every instance, Cortex XDR came out on top, detecting the threat and defending against it. To streamline its operations and enable greater automation for its SOC, Better also adopted Cortex XSOAR, which enriches data, improves alert triage, and automates repetitive tasks to reduce investigation time from hours to minutes. As threat alerts arrived, Cortex XSOAR allowed for automation of 90 percent of responses.
In addition to helping its teams scale and focus on what matters most, Better partnered with the Unit 42 Managed Detection and Response (MDR) Service. Unit 42 experts work as an extension of Better’s security team to detect and respond to cyberattacks 24/7.
Most recently, Better looked to shore up security across its cloud environment. “As we grew, we couldn’t keep up with securing our infrastructure on our own,” Khan notes. “It was too much manual work, and we had dozens of AWS accounts and hundreds of servers.” Prisma Cloud allowed Better to evaluate its cloud security posture, improve consistency and reduce the manual burden on security employees. This not only brought time savings but also allowed staff to focus on more strategic activities and improved collaboration across teams.“Prisma Cloud was very well received by our internal engineers,” Khan says. “It was easy to connect to AWS and didn’t interfere with our development lifecycles. When deploying software or products, our security team can use it, and our engineers have visibility into it. They’re very happy with the interface—it shows them the issues they’re facing and suggests how to resolve them.”
Along every step of the way, Palo Alto Networks customer support and services staff worked closely with Better to ensure that each product was deployed and adopted easily to fit employee needs.
When Better was looking to replace its VPN, Palo Alto Networks came to mind again. An Executive Briefing Center session helped Better evaluate Prisma Access as a means of providing consistent security to its remote networks and mobile users. Prisma Access offers consolidated best-in-class and cloud-delivered Zero Trust Network Access (ZTNA) 2.0 security with the best user experience on a single unified platform. A proof of concept soon followed.
During this time, the COVID-19 pandemic ramped up. With help from Palo Alto Networks technical experts, Better was able to quickly and confidently pivot to remote work for its employees. Together, Better and Palo Alto Networks enabled secure access for the entire Better remote workforce in just one week and eventually scaled up to the entire staff. “Prisma Access allowed us to securely deliver our software solutions internally to our employees anywhere in the world,” Khan says. “That was a huge game changer.”
Next, Better reviewed its internal security systems and recognized an opportunity to update and reinforce its SOC with Cortex XDR. Simplifying SecOps with one solution for threat detection and response across all data and endpoints, Cortex XDR delivers enterprise-wide protection by analyzing data from any source to stop sophisticated attacks. As part of its review, Better conducted a four-week evaluation, during which its red team crafted custom-made malware to attack Cortex XDR. In every instance, Cortex XDR came out on top, detecting the threat and defending against it. To streamline its operations and enable greater automation for its SOC, Better also adopted Cortex XSOAR, which enriches data, improves alert triage, and automates repetitive tasks to reduce investigation time from hours to minutes. As threat alerts arrived, Cortex XSOAR allowed for automation of 90 percent of responses.
In addition to helping its teams scale and focus on what matters most, Better partnered with the Unit 42 Managed Detection and Response (MDR) Service. Unit 42 experts work as an extension of Better’s security team to detect and respond to cyberattacks 24/7.
Most recently, Better looked to shore up security across its cloud environment. “As we grew, we couldn’t keep up with securing our infrastructure on our own,” Khan notes. “It was too much manual work, and we had dozens of AWS accounts and hundreds of servers.” Prisma Cloud allowed Better to evaluate its cloud security posture, improve consistency and reduce the manual burden on security employees. This not only brought time savings but also allowed staff to focus on more strategic activities and improved collaboration across teams.“Prisma Cloud was very well received by our internal engineers,” Khan says. “It was easy to connect to AWS and didn’t interfere with our development lifecycles. When deploying software or products, our security team can use it, and our engineers have visibility into it. They’re very happy with the interface—it shows them the issues they’re facing and suggests how to resolve them.”
Along every step of the way, Palo Alto Networks customer support and services staff worked closely with Better to ensure that each product was deployed and adopted easily to fit employee needs.
“Palo Alto Networks brought the best and brightest in terms of account management and technical account management. We’ve seen a continued culture of excellence.”
Ali Khan
CISO,
Better Home & Finance
Results
Platform approach meets business and security challenges.
For Khan, there’s significant value in a unified platform approach: “A very strong security posture beats having
piecemeal products from several different vendors.” Recently, Khan reported on the security initiative to the
company’s board of directors. “Palo Alto Networks is not just a security vendor,” he told them. “They’re a critical
partner of the business. If we don’t have Palo Alto Networks, we don’t have security.”
-
Scalable and secure access increase agility
By rapidly shifting its remote workforce to Prisma Access in just one week, Better is consistently protecting its people, data and apps. Secure work can now be done anywhere, increasing the flexibility and agility of its employees. -
Visibility and control enable cloud transformation
Better gained visibility across its AWS resources, bringing transparency to its security and engineering teams. Both teams were impressed with the simplicity of connecting to AWS and the intuitive user interface of Palo Alto Networks products. Prisma Cloud, for example, functions independently from Better’s preexisting AWS workflows, allaying engineers’ concerns that it would interfere with development lifecycles or software deployment. In the future, the company will extend Prisma Cloud to Microsoft Azure environments, which it’s starting to adopt. -
Automation improves SOC efficiency
By combining rich data from Cortex XDR and automating 90% of threat responses with Cortex XSOAR, Better’s SOC team decreased its mean time to respond (MTTR). SOC staff can now focus on the highest priority alerts and rely on Cortex to automate most of their investigations and responses. -
Security consolidation lowers costs
Migrating from four different security vendors to a unified platform approach from Palo Alto Networks allowed Better to substantially lower costs. These economies of scale have resulted in more seamless transactions and favorable pricing.
Partnering together on what’s next.
With Palo Alto Networks as its security partner, Better has continuously strengthened its security posture while expanding its product offerings to customers and bringing safe, secure remote work to its employees. But the journey is never done. As it looks ahead toward emerging technologies and potential security threats, Better continues to deepen its collaboration with Palo Alto Networks, building trust with customers and employees.
“Palo Alto Networks is not just a security vendor. They’re a critical partner of the business. If we don’t have Palo Alto Networks, we don’t have security.”
Ali Khan
CISO,
Better Home & Finance