Cyber Security Cloud, Inc. (Head office: Shinagawa-ku, Tokyo; Representative Director, President and CEO: Toshihiro Koike; hereinafter referred to as "the Company") has introduced its public cloud WAF automated operation service "WafCharm" and its fully managed public cloud environment security service "CloudFastener" to JTB Corporation (Head office: Shinagawa-ku, Tokyo; hereinafter referred to as "JTB"), which operates tourism businesses and other businesses.

■ Background of introduction
As part of its digital transformation, JTB is currently promoting a large-scale migration project from a private cloud environment in its data center to a public cloud environment.
Until now, the company had maintained a high level of security by utilizing a third-party CDN and WAF as security measures for its important business infrastructure. However, with the transition to a public cloud environment, the company has strategically decided to transition to a WAF provided by the public cloud, with an eye toward adopting cloud-native services and future expansion.

However, the implementation and operation of a WAF provided by a public cloud requires specialized knowledge and know-how, and the company faced the challenge of not having sufficient accumulated knowledge in-house. In particular, professional support was essential to reproducing the advanced security policies and detection rules implemented in the previous WAF on the new WAF and further optimizing it.
Furthermore, as the cloud-first strategy accelerated, there was an urgent need to address security risks specific to the cloud. In response to increasingly diverse and sophisticated cyber threats, strengthening a comprehensive security operation system specifically tailored to public cloud environments was recognized as an important management issue.
Given this background, they introduced "WafCharm" and "CloudFastener" as solutions that support the implementation and operation of WAFs provided by public clouds and can strengthen the security system of the entire public cloud environment.

[Comment from Shinichi Watanabe, Manager of the Web System Solutions Department, Web Sales Division, JTB Corporation]
As we moved to a public cloud environment, one of our most important challenges was strengthening our cloud security system. By implementing WafCharm and CloudFastener, we were able to effectively resolve this issue.
"The major deciding factor for us in choosing WafCharm was the onboarding support provided by the public cloud before implementing the WAF. Maintaining the high level of security achieved with our previous WAF made by another company was a must, but we received suggestions for optimal rule settings, including signature customization, which enabled us to complete the WAF migration in a shorter time than expected and achieve stable operation."
With regards to CloudFastener, we were assigned a dedicated technical account manager who is well versed in cloud security, which allowed us to accurately grasp the security issues specific to public cloud environments and gradually strengthen our security, starting with the areas with the highest priority. This support system has also allowed us to steadily build up our knowledge of cloud security within the company.

Furthermore, by combining these two services, we were able to establish a multi-layered defense system that not only protected web applications with a WAF, but also comprehensively covered the entire public cloud environment, creating a robust security foundation for the future expansion of digital services.
We are very pleased that we can now focus on further improving our customer service, as we now have an environment in place where we can continue to operate our business with peace of mind even after migrating to a public cloud environment.

■About the public cloud WAF automated operation service "WafCharm "
WafCharm, a WAF automation service, automates the operation of WAFs provided on public cloud platforms. It supports the three major cloud platforms: AWS, Azure, and Google Cloud. By deploying WafCharm, you can automatically apply rules optimized for your specific environment. WafCharm also handles complex tasks like customizing and adding rules. Its automatic blacklist update function, utilizing WAF logs and our proprietary detection data, eliminates the need for manual blacklist additions. This service enables you to configure and operate a WAF even without an in-house security engineer. Furthermore, 24/7 technical support is provided, ensuring peace of mind in the unlikely event of a false positive or other problem.
WafCharm can significantly reduce the amount of work required to operate a public cloud WAF, contributing to the realization of efficient security management.

"WafCharm" service site: https://www.wafcharm.com/jp/

■About "CloudFastener," the Fully Managed Security Service for Public Cloud Environments
CloudFastener is a fully managed security service for AWS, Azure, and Google Cloud that leverages cloud-native security services to provide comprehensive management of resources and alerts within the customer's cloud environment, along with tailored support from security experts. CloudFastener flexibly provides support for threat detection, vulnerability management, data protection, audit logging, compliance response, and more, in a form that is tailored to your environment configuration, organizational structure, providing comprehensive, one-stop support for the entire cloud security operation, from formulating governance policies to recovery and remediation.
In addition, CloudFastener employs an in-sourced support model in which a team with advanced expertise and experience supports the customer from within. This enables companies and organizations without dedicated security teams to advance cloud security measures quickly and effectively.

CloudFastener service URL: https://cloud-fastener.com/

■About Cyber Security Cloud, Inc.
Address: 13th Floor, JR Tokyu Meguro Building, 3-1-1 Kami-Osaki, Shinagawa-ku, Tokyo
Representative: Representative Director, President and CEO Toshihiro Koike
Established: August 2010
URL: https://www.cscloud.co.jp/
With the mission of "creating a safe and secure cyberspace for people all over the world," we are a Japanese security manufacturer that provides web application security services utilizing world-leading cyber threat intelligence, as well as vulnerability information collection and management tools and fully managed security services for cloud environments. As one of the global companies in cybersecurity, we will contribute to solving social issues related to cybersecurity and providing added value to society.