The largest multi-channel payment platform in the Philippines partners with Aqua to secure its digital transformation
Bayad joins Aqua’s customer list by selecting latter’s cloud native application protection platform (CNAPP) to ensure security and compliance of its digital wallet platform, biller aggregator service and bills payment platforms.
Bayad is a subsidiary of the Manila Electric Company (Meralco) and has been investing in cloud native application methodologies, using container and serverless technologies to increase agility, scalability, and resilience of key applications. To overcome some of the security challenges associated with the shift to cloud native applications, Bayad sought to elevate its standard for cloud native security.
“We selected Aqua because it offers the capabilities that best match our environment from containers all the way to serverless.”
Mel Migriño, Group CISO, Meralco.
“Given Bayad’s direction for cloud adaptation, we had to prioritize security controls in this new environment to ensure that the environment remains secure and intact,” said Mel Migriño, Meralco Group CISO. “We selected Aqua because it offers the capabilities that best match our environment from containers all the way to serverless.”
Leveraging Aqua’s platform, Bayad can assess security risks in the pipeline before applications get pushed into production. This includes detecting and remediating vulnerabilities in container images and serverless functions, security misconfigurations in cloud environments, and the presence of hidden secrets and sensitive data in application artifacts.
“With Aqua, we now have visibility on the vulnerabilities of our cloud native applications, and it helps us prioritize remediation, so our Security Operations team is not overwhelmed,” said Migriño.
The Aqua Platform is also used to extend security controls into production environments, where Aqua detects and prevents anomalous or disallowed behaviors at runtime. Bayad now adheres to industry best practices and compliance requirements, supporting principles of least privilege, detecting anomalies at runtime, and hardening cloud infrastructure.
“Highly regulated industries demand compliance and visibility,” said Robert D’Amico, Area Vice President for Asia Pacific and Japan. “Aqua’s platform enables Bayad to enforce compliance across the entire application lifecycle and stop cloud native attacks. We’re thrilled to have partnered with Bayad to allow the team to reach its vision for compliance with industry requirements, greater security of critical applications and protection of sensitive business and customer data.”
Delivering Value through Partnership
Gefura Inc., a Solutions Distributor for Network and Security, is a trusted provider for Bayad and an Aqua Security partner since 2020. The Gefura team recognized that Aqua Security could solve Bayad’s security and compliance challenges and worked with Bayad to integrate and deploy Aqua’s platform.
“True to its value driven DNA, Gefura has partnered with Aqua Security for its ability to unify protection of varying cloud native applications from containers to serverless, SAAS or on-premise. Aqua’s CNAPP solution is the leader in this space and has proprietary defense capabilities to stop attacks on its track in the absolute terms – no machine guessing needed. Compensating controls can also be implemented for vulnerabilities without needing to change existing code base which is quite unique,” said Ned Serate, Gefura Consulting Principal.
