From Netflix to Fox Sports and Vice, some of the most prominent creators of video and film content use the Frame.io platform for cloud-based review and collaboration across multiple teams. Given the confidentiality concerns faced by customers, the company, which launched in 2014, promises security and reliability—both of which it’s able to provide thanks to cloud native technology.
All of Frame.io’s workloads—including the video content customers are collaborating on using the platform—run inside Docker containers. “Containers are in the line of fire,” says Abhinav Srivastava, VP and Head of Information Security and Infrastructure at Frame.io. “We want to have a complete visibility inside our containers, and we want them to be secure.” To build a rock-solid security program for Frame.io’s video cloud, the team needed container security tools.
Falco, an open source project for container native runtime security, was a good fit for Frame.io. Given Frame.io’s particular requirements, the team “went through the fine-tuning process,” says Srivastava. “We basically built a complete end-to-end system on top of Falco using Falco’s raw data.”
Because the team now has full transparency in its system, Srivastava says, incident response and time to resolution have improved. Falco has also helped Frame.io with SOC2 Type 2 and TPN compliance. “The main thing that we’re trying to protect is our customer data—the media files that we’re processing within these Docker containers,” says Site Reliability Engineer Billy Shambrook. “Using Falco, we get visibility into what exactly those containers are doing and are alerting on that, and that’s helped ensure that the data is protected.”
A vendor product for the kind of environment Frame.io runs could easily cost $150,000 a year, Srivastava points out. “We are spending more or less the same amount, but we aren’t paying for one tool,” he says. “We are spending that money for our entire security operations.”
For more about Frame.io’s use of Falco, read the full case study.