Multi-channel payment platform Bayad, the Philippines’ pioneer in outsourced payment collection, selected Aqua Security’s cloud native application protection platform (CNAPP) to ensure security and compliance of its digital wallet platform, biller aggregator service and bills payment platforms.
A subsidiary of power distributor Manila Electric Company (Meralco), Bayad has been investing in cloud native application methodologies, using container and serverless technologies to increase agility, scalability, and resilience of key applications.
To overcome some of the security challenges associated with the shift to cloud native applications, Bayad sought to elevate its standard for cloud native security.
“Given Bayad’s direction for cloud adaptation, we had to prioritise security controls in this new environment to ensure that the environment remains secure and intact,” said Mel Migriño, Meralco Group CISO.
“We selected Aqua because it offers the capabilities that best match our environment from containers all the way to serverless,” said Migriño.
With Aqua’s platform, Bayad can assess security risks in the pipeline before applications get pushed into production.
This includes detecting and remediating vulnerabilities in container images and serverless functions, security misconfigurations in cloud environments, and the presence of hidden secrets and sensitive data in application artifacts.
“We now have visibility on the vulnerabilities of our cloud native applications, and it helps us prioritise remediation, so our Security Operations team is not overwhelmed,” said Migriño.
The Aqua Platform is also used to extend security controls into production environments, where Aqua detects and prevents anomalous or disallowed behaviors at runtime.
Bayad now adheres to industry best practices and compliance requirements, supporting principles of least privilege, detecting anomalies at runtime, and hardening cloud infrastructure.
Robert D’Amico, Aqua’s area VP for Asia Pacific and Japan, said their platform enables Bayad to enforce compliance across the entire application lifecycle and stop cloud native attacks.