Scaling On-Prem Security at Palantir

How Insight, Foundry & Apollo Keep Thousands of Servers in Check

Palantir
8 min readintermediate
--
View Original

Overview

The article discusses Palantir's approach to scaling on-premises security through their Insight solution, which enhances security compliance across various deployment environments. It highlights the importance of tailored security measures for different infrastructures and the integration of automated checks to ensure compliance and streamline remediation processes.

What You'll Learn

1

How to implement Palantir Insight for on-prem security compliance

2

Why physical access security is crucial for on-prem solutions

3

When to leverage Foundry for actionable insights from JSON reports

Prerequisites & Requirements

  • Basic understanding of security compliance frameworks like DISA STIGs and CIS
  • Familiarity with Palantir Foundry and Insight(optional)
  • Experience with on-prem deployment environments

Key Questions Answered

How does Palantir ensure security compliance in on-prem environments?
Palantir ensures security compliance in on-prem environments through a combination of tailored security measures, including OS and host-level configurations, and the use of their Insight tool for automated security checks. This approach allows for continuous validation and adherence to rigorous security standards.
What is the role of the Insight tool in on-prem security?
The Insight tool serves as a benchmarking solution that evaluates security configurations on Linux hosts. It provides modular checks, generates JSON reports with compliance statistics, and helps maintain security standards across various deployment environments.
What challenges do air-gapped environments present for security compliance?
Air-gapped environments present challenges such as the inability to connect to the internet for updates or data transfer. Palantir addresses this by packaging their Workshop application for offline use, allowing users to access compliance metrics and remediation content without an internet connection.
How does Palantir automate the deployment of the Insight tool?
Palantir automates the deployment of the Insight tool using a Helm chart that deploys it as a DaemonSet on Kubernetes nodes. This eliminates manual steps and ensures that the Insight binary is kept up to date across all hosts, streamlining the compliance process.

Key Statistics & Figures

Checks Total
100
The total number of checks available in the Insight tool for evaluating host security.
Checks Passed
93
The number of checks that passed during a security evaluation, indicating a high level of compliance.
Checks Failed
2
The number of checks that failed, highlighting areas needing remediation.

Technologies & Tools

Some links below are affiliate links. We may earn a commission if you make a purchase.

Security Compliance Tool
Palantir Insight
Used for evaluating security configurations and ensuring compliance in on-prem environments.
Data Integration Platform
Palantir Foundry
Facilitates the analysis of JSON reports and provides a collaborative environment for security reviews.
Container Orchestration
Kubernetes
Used as the substrate for deploying Insight and managing on-prem security solutions.
Deployment Automation
Apollo
Automates the deployment and update process for the Insight tool across multiple hosts.

Key Actionable Insights

1
Integrate the Insight tool into your on-prem deployment process to automate security compliance checks.
By using Insight, organizations can streamline their security validation processes, ensuring that compliance is maintained without extensive manual effort.
2
Utilize the Build Questionnaire to capture essential context for new deployments.
This practice ensures that all relevant information about the build process is documented, aiding in future reviews and compliance checks.
3
Leverage Foundry's Marketplace to access compliance tools in air-gapped environments.
This allows teams to maintain security oversight even in isolated environments, ensuring that compliance metrics are still gathered and reviewed.

Common Pitfalls

1
Neglecting to secure physical access to on-prem servers can lead to significant vulnerabilities.
Physical access is a major risk factor in on-prem environments. Ensuring that physical security measures are in place is crucial to prevent unauthorized access.
2
Failing to maintain up-to-date compliance checks can result in security gaps.
Regularly running the Insight tool and reviewing compliance reports is essential to ensure that security standards are continuously met.

Related Concepts

Security Compliance Frameworks
On-premises Deployment Strategies
Automated Security Tools