[Case Study] Domestic CNAPP 'Cloudbase' Publishes Adoption Case Study for Ministop Co., Ltd.

Cloudbase Inc. (Headquarters: Minato-ku, Tokyo; Representative Director and CEO: Koya Iwasa; hereinafter "Cloudbase") announced the publication of an adoption case study interview with Ministop Co., Ltd. (Headquarters: Chiba Prefecture; Representative Director and President: Masatsugu Horita; hereinafter "Ministop"), which operates the convenience store "MINISTOP," regarding its domestic CNAPP (CSPM, SBOM, Vulnerability Management) product "Cloudbase."

This case study introduces in detail their initiative that corrected over 500 cloud risks in a short period, the deciding factors for adoption, the changes after implementing Cloudbase, and future prospects.

Please see the details below. https://cloudbase.ink/case/ministop

Background of Adoption | Increasing Security Challenges Contrary to Cloud Expansion. Limitations of a Small Team Ministop has dramatically improved service convenience through aggressive cloud utilization accompanying DX promotion. On the other hand, as the area to protect expanded rapidly, they faced the advanced challenge of "aggressive IT investment" where it became difficult to comprehensively grasp cloud-specific complex configuration errors and authority management using traditional methods alone.

Meanwhile, the information system department in charge of response is operated by a limited number of personnel, and handling advanced security responses in addition to daily tasks had become a significant burden. They were overwhelmed with individual responses and lacked the capacity for continuous improvement.

Under these circumstances, a new approach was required that could efficiently visualize and correct risks while leveraging existing operational schemes and vendor collaborations.

Effects After Adoption | Resolving Over 500 Risks in Less Than a Year. Realizing Development Process Improvement and Cost Reduction By introducing Cloudbase, they succeeded in resolving over 500 risks that existed in their cloud environment in less than a year. The major achievement is that they were able to efficiently proceed with corrections even with limited resources by visualizing risks and responding according to priority.

Furthermore, beyond mere countermeasure execution, it led to the improvement of development and operational processes based on the causes of risks. By advancing countermeasures and rule developments from the design stage, it has prevented the recurrence of similar problems and contributed to reducing the operational load.

Being able to implement the system while leveraging the existing structure and vendor collaboration established a continuous improvement cycle in an unforced manner, which ultimately led to cost reductions.

Future Prospects | Evolution of the Product and Expectations for "Improving the Security Level of Japan as a Whole" through the User Community Moving forward, the policy is to advance further security strengthening and operation sophistication based on the knowledge gained from this initiative. Continuous improvement and product evolution are indispensable to keep responding to the evolution of the cloud environment.

Additionally, expectations are placed not only on individual company initiatives but also on knowledge sharing among users and the revitalization of the community. Sharing actual operational cases provides beneficial insights for companies facing similar challenges and contributes to raising the security level of Japan as a whole.