The customer
Kaltura, a New York based video technology company
Kaltura’s mission is to power any video experience for any organization. Kaltura is a video experience cloud which powers virtual events, communication, collaboration, learning, and entertainment for its users. Kaltura’s products are used by over 1,000 global enterprises, media companies, service providers, and educational institutions, engaging millions of viewers at home, work, and school.
Kaltura cloud-based, multi-region environment serves media at huge scale and throughputs, consisting of Terraform and helm structure. Kaltura’s Devops team works at a fast pace, constantly evolving and improving the system environment. The team has adopted the “shift left” approach to allow developers to take full responsibility for their code in each stage of the code life cycle.
Niv Shlomo, DevOps Group Manager at Kaltura
The Challenge:
Improving visibility, identifying, and eliminating misconfigurations.
The Devops team at Kaltura wanted to improve visibility into their large production environment’s network, identity, permission, and service configurations in real-time. Furthermore, the team was looking for a solution that would help identify misconfigurations early in the development pipeline, show them in a contextual way, and fix them before they were deployed to a live production environmen.
How Stream Security addresses Kaltura’s challenges:
Since Stream.Security has no agents and uses a frictionless built-in wizard, Kaltura was able to integrate their production environment within minutes. Within about an hour of scanning the environment for resource configurations, Stream displayed a live and continually updated visual representation of Kaltura’s production environment.
By providing the team with real-time visibility into the current state of their environment, Stream.Security enables Kaltura to detect, verify, and visualize network, permissions, services connectivity, and exposure path misconfigurations across different accounts, VPCs, and regions at any given time.
Kaltura uses Stream.Security simulation for Terraform code as part of its infrastructure pipelines. Whenever someone pushes a new code, the simulation is used to test, validate, and verify what impact it will have on reachability, network connectivity, exposure paths, and accessibility. This enables the team to avoid downtime that can result from availability issues and notifies them of potentially high-risk code changes that would otherwise be difficult to predict.
By integrating Stream.Security simulation within the infrastructure code pipeline, engineering teams can shorten and simplify the complex code review process, as well as reduce the number of mistakes that results in misconfigurations hitting the production environment.
Stream.Security allows Kaltura to move fast, delegate the Terraform infrastructure to the developers and helps Kaltura onboard new team members easily by visualizing any changes they make to the Kaltura eco-system, across all environments and CI/CD cycles.
Additionally, the tool gives visibility to Kaltura’s security teams to monitor network flows and more, allowing them to investigate network and applicative paths.
Niv Shlomo, DevOps Group Manager at Kaltura
