From Months to Hours: CyberArk Leverages AWS Serverless for Rapid Innovation
CyberArk, a global leader in identity security, has revolutionized its internal development process by adopting serverless technology on Amazon Web Services (AWS). This strategic move has dramatically accelerated the time it takes to bring new products and services to market, going from months to mere hours. The company’s platform engineering division created an internal development platform (IDP) using AWS serverless services, resulting in significant improvements in efficiency, security standardization, and governance across their development teams.
The Challenge: Streamlining Development to Meet Growing Demand
CyberArk provides software-as-a-service (SaaS) solutions to secure human and machine identities across various environments. The company recognized the need to standardize its services, improve governance, and speed up time to market in response to the increasing scale of its developer teams. Prior to the IDP, CyberArk’s development operated in technological silos, hindering efficiency. The platform engineering team’s mission was to create a centralized SaaS framework to address these challenges.
The Solution: Serverless-First Approach and Architectural Blueprints
CyberArk opted for a serverless-first strategy, using AWS serverless technologies. This was driven by the goal of minimizing operational overhead and empowering developers. Ran Isenberg, principal architect in CyberArk’s platform engineering division and an AWS serverless hero, stated, “Adopting serverless technology empowered our developers with agility and simplified cloud resource management, helping us to accelerate time to market and focus on delivering value faster.”
The team created serverless architecture blueprints that were organized and governed using the AWS Service Catalog. These blueprints included core backend frameworks and services, incorporating best practices, observability tools, security tools, and infrastructure-as-code (IaC) templates. This approach helped with cross-account identity access management, a crucial security consideration.
Implementing AWS Services
The blueprints extensively used AWS serverless services like:
- Amazon API Gateway: for creating, maintaining, and securing APIs.
- AWS Lambda: for running code in response to specific events.
- Amazon Simple Queue Service (SQS): for managing message queuing.
The Outcome: Dramatic Time Savings and Enhanced Efficiency
The platform engineering team’s methods addressed the non-business requirements that once took development teams up to 18 weeks. By implementing the serverless blueprints, automation, and platform engineering practices, CyberArk reduced the time needed to bring new services online to a mere 3 hours. “Implementing serverless blueprints, automation, and platform engineering practices helped us save over 4 months of development time for each new service we build,” Isenberg confirmed.
The IDP has been integrated with 14 CyberArk services, with continued work to assimilate more. The IDP also simplified customer workflows and user interfaces. Customers are offered a unified experience, and Cyberark can maintain multiple services from UI interfaces. Teams can now release services daily rather than monthly, delivering quicker value to customers.
“The platform helps us deliver value to customers and makes everybody’s life easier,” notes Isenberg.
This strategic shift to serverless has enabled CyberArk to simplify its focus on the business objectives, while AWS manages the underlying infrastructure. “Serverless technology makes it simple to just focus on our business domain because we don’t need to maintain it or install updates,” says Isenberg, showcasing the strategic value that the technology provides. The company is making it simple to build new services quickly, furthering its position as a global leader in the identity security market.
