Behavox Scales to Support Institutions with 100,000 Employees on AWS Organizations and AWS Identity Services
Behavox provides a suite of security products that help compliance, human resources, and security teams protect their companies and colleagues from bad actors. In 2018, as Behavox started rapidly expanding its customer base, its security team commenced a strategic upgrade of the company’s security infrastructure stack to continue effectively protecting its customers using scalable, robust, and commercially sensible security controls. In particular, Behavox needed a centralized, securely designed, multiaccount solution to manage the growing number of Amazon Web Services (AWS) accounts hosting its software-as-a-service solutions.
To deliver the unified, high-visibility environment that it required, Behavox built a solution using AWS Organizations—which companies can use to centrally manage and govern their environments as they grow and scale their AWS resources. Using AWS Organizations alongside supporting AWS Identity Services—which let users manage identities, resources, and permissions securely and at scale—Behavox centralized and enhanced its security posture, optimized speed to market, and facilitated ongoing growth.
Using AWS Organizations was the right choice, and by adding AWS Control Tower, we basically had a structure that delivered security by design.”
Head of Security, Behavox
Finding a Multiaccount Strategy That Supports Growth
Behavox uses a proprietary artificial intelligence solution to analyze corporate communications data, helping enterprises detect illegal, immoral, or malicious behavior to protect their digital headquarters. The global company serves financial institutions across multiple verticals, including investment banks, asset managers, hedge funds, and wealth funds. Founded in 2014, Behavox selected AWS as its primary cloud infrastructure provider due to the provider’s track record of deploying solutions and facilitating compliance for large global financial institutions and regulatory authorities, as well as its excellent support and account teams.
Behavox began developing solutions on AWS in 2015. Because customers’ privacy, security, and peace of mind are key, the company chose to deploy each customer into a dedicated AWS account, which serves as a logical resource boundary for security, access, and billing purposes. Over time, most Behavox customers sought to take advantage of the high availability, scalability, and security of AWS by choosing to deploy on Behavox’s AWS-powered software-as-a-service solution. With the rapidly growing number of software-as-a-service deployments, Behavox found itself maintaining an increasing number of standalone AWS accounts and needed to adapt its infrastructure and processes in response to the growing complexity of its operations. Behavox’s first priority was to upgrade systems and controls underpinning its security operations.
In 2018, the company embarked on an effort to build a comprehensive security operations layer onto its existing AWS infrastructure to help it efficiently manage its AWS accounts hosting customer workloads and to facilitate compliance as the company grows. Behavox wanted to deploy its security standards and controls in a unified, automatic manner with full visibility into the security configurations of each account.
Using AWS services, Behavox was able to significantly optimize its costs and speed to market to effectively run security operations at scale. “Building these solutions internally didn’t make business sense—it would take us months or years and millions of dollars in research and development and ongoing maintenance costs,” says Kiryl Trembovolski, chief operating officer of Behavox. “But it’s not only about money and time. Behavox’s goal is to help enterprises identify illegal, immoral, and malicious behavior to protect their digital headquarters—this mission is why we continue investing in AWS solutions.”
Delivering Agility and a Proactive Security Posture
Behavox adopted AWS Organizations, together with AWS Control Tower, to help it centralize account management, enable effective multiaccount governance, and provide a mechanism for managing security and service control policies—which define the preventive guardrails that manage permissions for an organization. “Using AWS Organizations was the right choice, and by adding AWS Control Tower, we had a structure that delivered security by design,” says Tigran Petrosyan, head of security at Behavox.
To facilitate the secure but scalable management of AWS user credentials for Behavox personnel tasked with maintaining customer environments, Behavox implemented AWS Single Sign-On (AWS SSO), where companies can centrally manage access to multiple AWS accounts or applications. “Having an effective identity management solution helps us to enforce security policies across all systems, environments, and applications,” says Petrosyan. “As we embarked on our journey to becoming SOC 2 compliant while rapidly growing our customer base, using AWS SSO was the right way to manage and monitor access to our AWS accounts.”
Using AWS, Behavox was able to augment its environment by incorporating security solutions alongside other AWS services—including Amazon Kinesis Data Firehose, an extract, transform, load service. Behavox relies on Amazon Kinesis Data Firehose to capture and ingest various types of log data across each environment as part of its centralized SIEM infrastructure.
Behavox also efficiently deployed Amazon GuardDuty, a threat detection service that continuously monitors a company’s AWS accounts and workloads for malicious activity, in 2 months. “Our adoption of Amazon GuardDuty is a success story about how we took advantage of excellent service quality, speed, and cost efficiencies by choosing AWS native services. It took us just weeks to comprehensively test and roll out the solution across all of our AWS accounts with the help of AWS Organizations,” says Trembovolski. “Amazon GuardDuty became a valuable addition to our security systems portfolio, generating a return on investment from day one and helping to keep our customers protected.”
Powering Growth and Ongoing Innovation
In the 2 years since 2020, Behavox has grown significantly to support more and larger customers. Behavox had already established a customer base of globally significant financial services institutions, but it has since expanded to serve diverse enterprises—including financial services, commodities traders, digital currency exchanges, and other high-growth companies—with employee bases of 60,000–100,000 employees.
Because Behavox can add new AWS services efficiently, it can continue innovating to enhance its security operations. On AWS, the company has successfully passed the SOC 2 Type II examination, demonstrating commitment to the security and availability of its products and the protection of its customer data. “We look forward to developing and strengthening our engagement alongside AWS and our expertise using existing and future AWS services,” says Trembovolski.
Behavox provides a suite of security products that help compliance, human resources, and security teams protect their companies and colleagues from bad actors. By analyzing corporate communications data, Behavox helps organizations identify illegal, immoral, and malicious behavior in the workplace.
Benefits of AWS
- Gained a unified approach to managing accounts at scale
- Enhanced the company’s proactive security posture
- Upgraded its identity management solution
- Augmented its AWS environment
- Adopted Amazon GuardDuty in 2 months to enhance its security systems portfolio
- Optimizes development costs and time to market
- Supports institutions with up to 100,000 employees
AWS Services Used
AWS Organizations helps you centrally manage and govern your environment as you grow and scale your AWS resources.
AWS Single Sign-On (AWS SSO)
AWS Single Sign-On (AWS SSO) is where you create, or connect, your workforce identities in AWS once and manage access centrally across your AWS organization.
AWS Control Tower
AWS Control Tower provides the easiest way to set up and govern a secure, multi-account AWS environment, called a landing zone.
Amazon GuardDuty is a threat detection service that continuously monitors your AWS accounts and workloads for malicious activity and delivers detailed security findings for visibility and remediation.
Organizations of all sizes across all industries are transforming their businesses and delivering on their missions every day using AWS. Contact our experts and start your own AWS journey today.