Customer Success Story: How iNBest Achieved 95% Faster Security Threat Detection with Obok
Automated cloud security monitoring helps Mexican MSP detect threats in minutes instead of weeks, while uncovering $24K in annual cost savings
At a Glance
Customer:
iNBest
Industry:
Cloud Services & Managed Services Provider (MSP)
Location:
Mexico
Challenge:
Manual security monitoring across multiple AWS accounts was time-consuming and prone to gaps
Solution:
Obok Cloud Security Platform with AWS Security Hub integration
Results
44 security issues and 36 cost optimization opportunities identified
95%
reduction in threat detection time (from weeks to minutes)
90%
reduction in manual security review effort
80
automated security policies deployed
$24,720
annual cost savings discovered
The Challenge: Manual Security Monitoring Can't Keep Pace with Cloud Growth
As a leading managed service provider specializing in AWS cloud solutions, iNBest faced a challenge familiar to many growing organizations: how to maintain robust security across multiple AWS accounts while scaling operations efficiently.
The Reality of Manual Security Audits
iNBest's security team spent 8-10 hours every week performing manual security audits of their AWS infrastructure. Despite this significant time investment, they were only able to review 40-50% of their resources due to the sheer volume and complexity of their multi-account AWS environment.
Key pain points included:
- •
Slow Detection Times: Security issues were discovered during weekly audits, meaning threats could go undetected for 7-30 days
- •
Inconsistent Coverage: Manual reviews inevitably missed resources and misconfigurations
- •
No Cost Visibility: No systematic way to identify cloud waste alongside security issues
- •
Compliance Challenges: Difficulty demonstrating continuous compliance with CIS AWS Foundations Benchmark
- •
Manual Escalation: No automated path to escalate critical incidents to AWS Security Incident Response
"We were caught in a cycle of reactive security management, explains the iNBest security team. By the time we discovered issues in our weekly audits, they'd already been exposed for days. We knew we needed automated, real-time detection to protect our infrastructure and our clients."
— iNBest Security Operations Team
The Solution: Automated Security Monitoring with Obok
iNBest partnered with Obok for Cloud Security Platform, a comprehensive solution built on the proven Cloud Custodian open-source engine with deep integration into AWS Security Hub and AWS Security Incident Response.
How Obok Works
Obok transforms security monitoring from a periodic manual task into a continuous, automated process:
1. Continuous Policy Enforcement
- •
80 pre-built security and cost optimization policies run automatically
- •
Policies check resources every 15 minutes
- •
Coverage spans IAM, EC2, S3, RDS, VPC, CloudTrail, and more
2. Intelligent Finding Generation
- •
Policy violations automatically generate standardized security findings
- •
Each finding includes severity level, confidence assessment, and detailed remediation steps
- •
Findings are formatted in AWS Security Finding Format (ASFF) for seamless integration
3. Centralized Visibility
- •
All findings appear in the Obok dashboard AND AWS Security Hub
- •
Separate views for security issues and cost optimization opportunities
- •
Real-time alerts for HIGH severity findings
4. Automated Incident Response
- •
Critical security findings automatically create incidents in AWS Security Incident Response
- •
Full context and remediation guidance included
- •
Seamless escalation to AWS Customer Incident Response Team (CIRT) when needed
Implementation Highlights
The Obok deployment was completed in the July-December 2024 timeframe with:
- •
Zero disruption to existing operations
- •
Minimal configuration required thanks to pre-built CIS-aligned policies
- •
Immediate visibility into security posture on day one
- •
Full AWS Security Hub integration within the first week
The Results: Dramatic Improvements Across Security and Operations
1. 95% Reduction in Threat Detection Time
Before Obok:
- •
Security issues discovered in weekly audits
- •
Average detection time: 7-30 days
- •
Manual review required: 8-10 hours/week
With Obok:
- •
Continuous automated monitoring 24/7
- •
Detection time: Real-time to 15 minutes
- •
Manual review reduced to: <1 hour/week
Real-World Example:
A security group misconfiguration allowing unrestricted RDP access (0.0.0.0/0) was detected by Obok within 15 minutes of creation. Previously, this critical vulnerability would have gone unnoticed for an average of 3.5 days until the next manual audit—a 99.7% reduction in exposure window.
2. Comprehensive Security Coverage
80 Automated Policies Deployed:
44 Security policies covering:
- •
IAM security (MFA enforcement, access key rotation, password policies)
- •
Network security (security groups, VPC flow logs, unrestricted access)
- •
Data protection (EBS encryption, S3 security, RDS encryption, CloudTrail)
- •
Compliance (CIS AWS Foundations Benchmark v1.4.0 controls)
36 Cost optimization policies identifying:
- •
Unused resources (idle RDS, unattached EBS volumes, stopped EC2 instances)
- •
Inefficient configurations (outdated instance types, gp2 vs gp3 storage)
- •
Cloud waste (unassociated Elastic IPs, unused secrets, stale log streams)
44 Active Security Findings Identified:
- •
26 HIGH severity issues requiring immediate attention
- •
12 MEDIUM severity issues for remediation planning
- •
6 LOW severity informational findings
- •
All findings include step-by-step remediation guidance
3. $24,720 Annual Cost Savings Identified
Beyond security improvements, Obok uncovered significant cost optimization opportunities:
HIGH Priority Savings ($770/month):
- •
4 unused RDS instances with 0 connections for 90+ days: $450/month
- •
2 unused RDS clusters: $320/month
MEDIUM Priority Savings ($910/month):
- •
7 underutilized EC2 instances (CPU <10%): $280/month
- •
45 EBS volumes on old gp2 type (should migrate to gp3): $135/month
- •
6 RDS instances on gp2 storage: $95/month
- •
3 ELBs with no attached instances: $60/month
- •
8 under-utilized EC2 instances: $340/month
LOW Priority Savings ($380/month):
- •
18 unattached EBS volumes: $54/month
- •
5 unassociated Elastic IPs: $36/month
- •
12 outdated EC2 instance types: $200/month
- •
6 stopped EC2 instances incurring EBS costs: $72/month
- •
Additional minor optimizations: $18/month
Total Identified:$2,060/month = $24,720/year
Success Story:
One unused RDS PostgreSQL instance (db.r5.large) was discovered running for 4 months after a project completion. Terminating it saved $1,980 annually—easily covering a significant portion of the Obok platform cost.
4. Operational Excellence
Team Productivity
- •
Security team freed up 8-10 hours/week from manual audits
- •
Time redirected to strategic security initiatives and customer support
- •
Faster incident response with automated triage and prioritization
Customer Confidence
- •
95% increase in security posture confidence (from 60% to 95%)
- •
First-time comprehensive view of cloud waste and cost optimization
- •
Automated compliance reporting for customer audits
Scalability
- •
Architecture proven across multiple AWS accounts
- •
Easy to extend to additional customers and accounts
- •
Sub-15-minute detection cycles maintained under load
Key Success Factors
1. Proven Open-Source Foundation
Built on Cloud Custodian, the most widely-adopted cloud governance framework with thousands of organizations worldwide, ensuring reliability and community support.
2. AWS Native Integration
Deep integration with AWS Security Hub and Security Incident Response provides seamless workflow integration without complex custom development.
3. Dual Value Delivery
Unique combination of security monitoring AND cost optimization in a single platform delivers value across multiple organizational priorities.
4. Policy-as-Code Approach
YAML-based policies are version-controlled, easily customizable, and scalable across multiple accounts and regions.
5. Expert Partnership
Combination of E-ngenium's platform expertise and iNBest's AWS security knowledge ensured rapid deployment and ongoing optimization.
Customer Testimonial
"The transformation has been remarkable. We went from spending 8-10 hours every week on manual security audits with limited coverage, to having continuous 24/7 automated monitoring with 100% coverage. The 15-minute detection time means we can catch and fix issues before they become real problems.
But what really surprised us was the cost optimization value. We thought we were managing our cloud spend well, but Obok found over $24,000 in annual savings we hadn't identified. The platform paid for itself in the first quarter.
Now we can offer our clients enterprise-grade security monitoring with complete confidence in our automated detection capabilities."
— iNBest Security Operations Team
Lessons Learned
iNBest's journey with Obok provides valuable insights for other organizations:
- 1.
Automation is Non-Negotiable: Manual security monitoring cannot keep pace with modern cloud environments
- 2.
Standardization Matters: Deterministic finding IDs and consistent templates are critical for tracking and deduplication
- 3.
Integration Over Custom Build: Leveraging native AWS integrations (Security Hub, ASFF) is faster and more reliable than custom solutions
- 4.
Security + Cost = Winning Combination: Combining security and cost optimization in one platform delivers cross-functional value
- 5.
Open-Source Provides Flexibility: Cloud Custodian's policy-as-code approach enables rapid customization and scaling
- 6.
Documentation Accelerates Success: Comprehensive templates, samples, and architecture diagrams streamline onboarding
- 7.
Continuous Compliance is Achievable: Automated CIS Benchmark checks transform compliance from periodic audits to continuous posture
- 8.
Early Detection Reduces Risk: Minutes vs. days in detection time dramatically reduces threat exposure and potential impact
The Bottom Line
Metric | Before Obok | After Obok | Improvement |
|---|---|---|---|
Mean Time to Detect | 7-30 days | <15 minutes | 95% reduction |
Manual Review Time | 8-10 hrs/week | <1 hr/week | 90% reduction |
Resource Coverage | 40-50% | 100% | 2x increase |
Security Policies | Manual checks | 80 automated | New capability |
Cost Savings Identified | $0 | $24,720/year | New revenue stream |
Detection Consistency | Variable | 100% accurate | Eliminated human error |
Ready to Transform Your Cloud Security?
iNBest's success demonstrates that automated cloud security monitoring is not just faster and more comprehensive—it also delivers measurable cost savings and competitive advantages.
Obok can help your organization:
- •
Detect security threats in minutes instead of days or weeks
- •
Achieve 90%+ reduction in manual security review effort
- •
Maintain continuous compliance with CIS, NIST, PCI-DSS frameworks
- •
Identify tens of thousands in annual cost savings
- •
Scale security across multi-account environments
Get Started Today
Free Security Assessment
Let us analyze your AWS environment and identify your top security and cost optimization opportunities—no obligation.
Platform Demo
See Obok in action with a personalized demo using your AWS environment data.
About iNBest
iNBest is a leading managed service provider specializing in Cloud Consulting across Mexico and the United States. With deep expertise in cloud security, DevOps transformation, and cost optimization, iNBest helps enterprises achieve operational excellence through innovative AWS solutions and proven best practices.
Services:
Cloud Security Services
DevOps Transformation
Cost Optimization
Managed Services (24/7)
Compliance Consulting
Contact iNBest:
Mexico: +52 33 2309 0100 | +52 55 6651 8800
USA: +1 973 554 9068
Web:www.inbest.cloud
Email:[email protected]
This case study is based on the actual implementation of Obok Cloud Security Platform at iNBest during July-December 2024. Results are specific to iNBest's environment and may vary based on individual AWS configurations and usage patterns.