June 1st, 2021
Customer Interview: Carta - Equity Management Solutions
Christopher Luft
LimaCharlie is lucky to have some really amazing customers doing amazing things. Today we are very happy to present an interview with the lead of Security Operations at Carta, who recently moved their security operations onto the LimaCharlie platform.
Introduce yourself and your company.
I’m Jonathan Haas, and I lead Security Operations at Carta. Carta is a software platform that allows founders, investors, and employees to manage equity and ownership. Security Operations at Carta handles all things that go bump in the night -- investigating, triaging and remediating potential security issues in the pursuit of presenting the most secure user experience possible.
What do you see as the biggest challenges facing the information security community over the next few years?
I’m a firm believer that there needs to be a reset back to the basics in Information Security. While there has been a massive proliferation of vendors, tools, and trainings all centered around the newest and most advanced security measures which can block even the most sophisticated of attacks -- in reality, a majority of these solutions are a mess of complex configuration settings and alerts (at best), or a completely unmanageable black box (at worst).
Reliance on tools that don’t provide any level of extensibility means always finding a solution that fits for your business, which is the most important part of any good security engineer’s job. As our business grows, we’re focused on technologies that grant us leverage, not simply automation -- and LimaCharlie is one such technology which allows us this capability. With LimaCharlie, we’re capable of codifying our detections in-line with our alerts, meaning we can focus on detection and remediation, not chasing alerts with little to no end user interaction.
What was your initial reaction to the concept of Security Infrastructure as a Service?
I was absolutely thrilled! Carta is on the cutting edge of many security best practices -- but each step we take is rooted in having a firm grasp and understanding of security fundamentals. We heavily lean on concepts like Infrastructure and Configuration as code in order to ensure we’re solidifying these strong fundamentals. LimaCharlie fits in perfectly with this, allowing us to configure our own detections, how we respond to them, and who and what gets notified. Being able to find a solution which allowed us to build something specific to our needs as a business really accelerated our timeline on responding to and remediating potential threats, and because we were able to write each detection ourselves -- we knew exactly what we were getting! As we look to build out future detection and response capabilities, SIAAS will always be at the top of our priority list.
How have you and your colleagues found the experience with LimaCharlie to be?
In a singular word? Amazing! When you onboard with LimaCharlie, you’re onboarding to a platform (and to some extent, the broader community), rather than simply a tool. With LimaCharlie, the approach you take is one you have direct control over - something our team of security engineers and developers absolutely love.
I had heard about LimaCharlie from my former colleagues and while I’ll admit I was a bit skeptical at first, after just a few minutes of using the tool, it became clear how useful it would be. LimaCharlie is a lot like having an API for all the hosts in your environment -- meaning when something happens, you can quickly respond, triage, and create future detections -- all in a matter of a few seconds. For furthering our detection capabilities, it’s proved truly unrivaled, and at a fraction of the cost of implementing other vendors.
Do you have any advice for other enterprise security teams?
If you’re frustrated like I was setting up a multitude of alerts across a multitude of systems to all fundamentally do the same thing, consider detections-as-code (something LimaCharlie enables greatly!)