About BigCommerce
Industry: Software & Technology
Employees: 1,500+
HQ Location: Austin, Texas
BigCommerce (Nasdaq: BIGC) is a leading Open SaaS eCommerce platform based in Austin, TX that has tens of thousands of B2C and B2B established and fast-growing brands across 150 countries and numerous industries. BigCommerce partners with thousands of best-of-breed technology and agency partners in their open ecosystem, giving customers the freedom and flexibility to choose the best combination of eCommerce solutions for their specific needs.
Executive Summary
The BigCommerce security team was looking to defend against known threats due to a lack of visibility into their user base and across their SaaS application environment. The primary vulnerabilities driving their sense of urgency were surrounding the conflict in Ukraine, LAPSUS$ MFA attacks, and insider risk.
Not only was BigCommerce able to quickly and easily close these detection gaps with Obsidian, but they also managed to reduce their overall SIEM monitoring costs and replaced the need for disparate tool investments with added value realized from Obsidian’s DLP and insider risk capabilities.
Flying blind in the fight against cyber war and malicious users
Like most security teams, emerging threats surrounding global events as well as high-profile industry breaches were changing the way that BigCommerce needed to prioritize defending its business. As an international company with an engineering team of over 100 employees based in Ukraine, escalating Russian aggression was putting mounting pressure on the team to get their arms around potential nation-state attacks including MFA vulnerabilities.
Mitigating Insider Risk
For over a year, BigCommerce had also been focused on finding a way to adequately address a malicious insider breach scenario that an industry peer experienced. Two rogue support employees abused the peer company’s platform in order to obtain sensitive customer data by grabbing their transaction records. Dan Holden, who leads the BigCommerce security team explained the significance of this as insider threats transcending something that was previously a concern and potential risk to something that has real-world examples now. BigCommerce had no easy or logical way of monitoring its user base to uncover compromised insiders or data exposure.
SaaS Requires Purpose Built Security
Modern eCommerce platforms like BigCommerce have complex SaaS environments with thousands of individual users, configurations, privileges, and integrations to navigate. Making sense of this complexity to deliver security improvements requires not only complete visibility but also tremendous expertise from any security team. Even with sufficient expertise, continuous SaaS security demands significant time, varied resources, and the right tools.
As BigCommerce explored using its own SIEM to accomplish some of these objectives, the team identified two disadvantages compared to Obsidian with regard to addressing SaaS security.
Lack of inherent SaaS expertise
The BigCommerce team didn’t need more alerts or events, they needed out-of-the-box assessments of their environment and actionable recommendations for reducing risk and protecting critical applications. Without inherent SaaS expertise, SIEMs often require the resource-intensive task of researching each application, writing custom rulesets, mapping to industry benchmarks, and tuning for better results.
Application context void
Beyond activity logs, SIEMs often lack targeted SaaS data collection of critical contextual information for solving specific security use cases. Without an adequate understanding of users, privileges, configuration, and cross-application data, improving SaaS posture and monitoring for potential threats properly can be inefficient, if not implausible.
Why Obsidian? Checking all the boxes
Within two weeks and only a few hours of effort from BigCommerce, Obsidian conducted an evaluation that resulted in actionable findings for their team. The highlights include:
- Data exposure risks such as company files potentially accessible beyond the intended audience
- Integration risks with dozens of 3rd party partner apps
- Account compromise risks associated with previously undetectable potential MFA bypass attempts, suspicious logins from foreign countries, and impossible travel across multiple applications
The results were clear. The BigCommerce team could simplify its approach by onboarding resources designed to address these specific gaps.
Built-in expertise
After connecting their applications in just a few clicks, with no agents or proxies to deploy, Obsidian was instantly providing BigCommerce with expert insights to get their team started quickly. Between Obsidian’s actionable recommendations and the intuitive nature of our platform, BigCommerce realized value immediately. As Dan put it, “You are looking to lean on your vendors as partners because you are needing that level of expertise.” By delivering meaningful, context-rich data, Dan’s team is now able to spend more time on higher priority tasks rather than trying to build home-grown SIEM alerts.
Versatile capabilities
Like many security leaders faced with managing excessive vendor sprawl, finding a dynamic solution that was able to solve a variety of use cases was extremely valuable to the BigCommerce team. Obsidian is the only SSPM platform complete with posture, integration, and threat capabilities. Consolidating these essential components provides a depth of expertise in each unique application as well as absolute visibility across the entire SaaS surface area. Obsidian’s distinctive approach to SaaS has empowered BigCommerce to address a variety of use cases beyond standard configuration concerns including account compromise, data loss prevention (DLP), and insider risk.
Hard Costs Savings
Prior to Obsidian, the team at BigCommerce knew the importance of protecting their SaaS applications but struggled to do so with efficiency. During the evaluation process our compounding value, ease of use, and built-in expertise made the business case for Obsidian glaringly obvious. In fact, the team expedited mid-year adjustments in order to onboard Obsidian faster and put it to use against nation-state and insider threat concerns immediately.
By providing comprehensive SaaS security, Obsidian eliminated the need for disparate point solutions and helped BigCommerce right-size its existing security stack through added efficiency:
- SIEM cost reduction – Leveraging Obsidian’s built-in expertise to protect users and sensitive application data, their team was able to reduce the fees of overall monitoring. They now have the ability to tune out perceived noise without fear of missing any important logs. This negated the need for forwarding logs to the enterprise SIEM module for analysis, something which would have cost the team roughly 25% more.
- Solution Consolidation – Leveraging Obsidian for a broad set of use cases, BigCommerce avoided the need for disparate point detection tools. Beyond their primary concerns of SaaS posture and threat management, data loss prevention (DLP) and insider threat monitoring capabilities added unanticipated value for their team. Covering multiple bases with Obsidian, the team was able to streamline their existing security solutions for maximum efficiency and simplified management.
What’s Next?
Obsidian has a relentless focus on delivering mission-critical and quantifiable value for our customers. That is why we look forward to continuing our work with BigCommerce and building on the partnership that’s been established. By learning from our collaboration with talented security teams like theirs, our ability to protect the applications that people rely on most grows stronger every day.