Leading Healthcare Achieves
87% Reduction in Cost-Per-Remedation with Tamnoon
Fortune 1000 healthcare company partnered with Tamnoon to fast-track critical cloud security remediation and enhance their vulnerability management process. In three months, Tamnoon reduced the security engineer’s workload, improved security-DevOps collaboration, and eliminated production downtime.
Reduction in remediation costs
With Tamnoon, the company cut costs per remediation from $8,775 to $775
Decrease in time to remediate alerts
Tamnoon helped reduce mean-time-to-remediation from 19.5 billable hours to 1 hour
Production downtime
Tamnoon’s impact analysis enabled secure remediation without disruptions
Reduction in remediation costs
With Tamnoon, the company cut costs per remediation from $8,775 to $775
Decrease in time to remediate alerts
Tamnoon helped reduce mean-time-to-remediation from 19.5 billable hours to 1 hour
Production downtime
Tamnoon’s impact analysis enabled secure remediation without disruptions
The Challenge
A US-based healthcare company struggled with high remediation costs, manual processes, and reliance on a single $450/hour senior security engineer, leading to slow, ad-hoc remediation that disrupted production and strained resources.
- One salaried ($450/hour) Senior Security Engineer responsible for all remediation
- High remediation costs ($8,775 per remediation) - Mean-time-to-remediation of 19.5 billable hours
- CLI cloud infrastructure deployment with highly manual remediation processes
- Long mean-times-to-remediate that disrupted production cycles
A Fortune 1000 healthcare company managing over $100B in assets enlisted a Big Four consulting firm to enhance cloud security. The company assigned a $450/hour senior security engineer to remediate critical cloud misconfigurations. Despite leveraging the firm’s robust detection capabilities, the company faced challenges with ad-hoc processes and high alert volumes, which slowed remediation efforts and strained resources.
The company deployed cloud infrastructure using a command-line interface (CLI) with some infrastructure as code. Misconfigurations required manual, ad-hoc remediation, increasing consulting costs and overburdening the senior security engineer. Without standardized playbooks, recurring misconfigurations led to repetitive work, while manual remediation disrupted production and risked business objectives.
“Tamnoon helped us increase ROI for cloud security. By collaborating with our consulting partner to maximize the remediation efforts of our assigned security engineer, and taking ownership of the entire remediation workflow, Tamnoon was able to get our engineer back valuable time, and cut out remediation-driven production downtime from our development lifecycles. We’re now able to have one of our senior engineers re-focus on critical work for our business, knowing our cloud infra is secure.”
Company’s Cloud Security Director,
Healthcare company
The Solution
The healthcare company turned to Tamnoon for a cost-effective way to maximize their cloud security investment and refocus their senior engineer on critical business tasks. They leveraged Tamnoon's platform to:
1. Automate the identification, prioritization, and remediation of cloud misconfigurations.
Through their Managed Pilot offering, Tamnoon managed the full remediation lifecycle, proactively preventing recurring issues. Key responsibilities included:
- Toolset Optimization: Customized configurations to prioritize critical vulnerabilities.
- Task Contextualization: Aligned alerts with business objectives for targeted remediation.
- Impact Analysis: Simulated fixes in test environments to avoid disruptions in production.
- Owner Assignment: Assigned actionable tasks through Jira, integrating security with DevOps.
2. Regularly implement fixes using pre-built, validated playbooks and compliant scripts for swift, risk-free resolution.
3. Collaborate with in-house and consulting teams to automate remediation.
The Results
After just 3 months with Tamnoon, the company saw their mean–time-to-remediate decrease, their production speed ramp up, and their security experts save valuable time:
87% reduction in remediation costs:
- 95% reduction in mean-time-to-remediation - from 19.5 billable hours to under 60 minutes
- Average savings of $8,000 per critical alert remediation
- Consulting hours needed for routine tasks decreased significantly
Improved operational efficiency:
- Zero production downtime during remediation processes
- Enhanced visibility into security posture
- Stronger collaboration between security and DevOps teams
