Transcript:
"Hi, I'm Mandy Andress, CISO, at Elastic, the search AI company that helps organizations uncover real time insights in their data. So we selected Valence security because we were looking for a solution that would cover all of our critical SaaS applications as a cloud native organization, where all of our enterprise services are SaaS services and SaaS offerings in security.
There are a number of tools that can help you identify issues or find findings in your environments. The challenge is then you often need yet another tool to help you fix those findings. And one of the things that we really liked about Valence was you could both find and remediate your findings within one single solution. And then it could also tie into our existing automation solutions to put the whole picture together for us in a much simpler tech stack.
We had the visibility that we wanted in our existing tools, but it was hard to understand, hard to analyze very time consuming, very manual and what took us potentially weeks to analyze and uncover in the past with Valence. We were able to highlight and understand in minutes if not seconds.
One of the first ones we put in place was anonymous, fully open links in Google workspace and Google drive, and being able to automatically remove those links if they had been inactive for a period of time. We were also able to look at personal email addresses or non elastic email addresses, and also remove access. We have elastic employees in 30 plus countries around the world. So we focus on providing shared awareness content.
But what's really effective is when we use the slackbot integration with Valence, we can have significant findings but we don't have the resources to go through and address those individually or manually. So having the automation to either provide integrations with things like the Slackbot, to give users insights and the opportunity to take action to tying into some of our other automation tools to automatically remediate findings that has taken a significant workload off the team and also avoided adding workload.
As Valence is identifying so different and new configuration changes that we need to take a look at and implement across the organization… for Genai at elastic. We have an internal Genai board that reviews requests for uses of Genai. And we've been using Valence to help us identify tools or solutions that are being used or being tried out by employees to help us get insight into what are some of the solutions that we need to bring to the Gen AI board and discuss their potential use at the organization?
Valence has helped us work more closely with our it team in that it made configuration and security discussions one much more visible and much more self service. So, whereas, in the past, we had members of the infosec team, coordinating and working closely with the it team on changes we need to make and help explain why, and provide more of the details.
Now, the it team can log into Valence and see all of that same information themselves. And we don't have to be directly engaged in every discussion and every analysis that the it team is doing.
