We at Coalition are thrilled to be recognized as an Amazon Web Services (AWS) fintech startups partner. Coalition joins a growing list of companies that are using AWS to change the face of financial services:
"At AWS, we partner with forward-thinking fintechs and help them grow from startups to industry leaders," said Kathryn Van Nuys, Global Head of Fintech Startup Business Development, AWS. "We're excited to provide the critical infrastructure that furthers Coalition on its mission to solve cyber risk on a global scale."
It turns out that I know just a little about AWS, considering I spent the last 6 years there! I ran Monitoring and Observability services for AWS including Amazon CloudWatch and AWS X-Ray. All of that time spent inside AWS gives me a unique perspective on the value of partnership with AWS.
To understand why it’s important for us to run on AWS, you must first understand a bit more about Coalition. We are a technology company first. We are solving hard problems and building a business (and tech stack) for the long-term.
The intersection of technology and risk management
As I briefly covered in my first Coalition blog post, the insight that led to the founding of Coalition is that cybersecurity is a risk management problem, not a technology problem. Where there is technology, there is cyber risk, and no amount of technology can completely eradicate that risk because it’s fundamentally a human problem. What’s unique about Coalition is that we bring cyber tools, data, and deep security expertise wrapped in a business model that aligns all of the incentives with our customers to solve cyber risk. So even though we are trying to solve a problem that is broader than technology in some ways, our approach to solving cyber risk leverages technology at every juncture.
Let’s look under the hood at our technology to see what we have built to address this challenge. At the highest level it breaks down into two areas — a security platform and an insurance platform.
Coalition security platform
Our security platform starts with a large scale distributed scan engine. We continuously scan the entire IPv4 address space and a large and growing portion of the IPv6 address space. We complement that data with various different threat feeds and intelligence from our own honeypots to classify and correlate real-time security threat information. Then, we synthesize these data points to match digital assets to an organization, allowing us to provide an up-to-date global view of an organization's assets. It’s this view that we leverage throughout the lifecycle journey of our customers.
If you want to experience it for yourself, head over to our site and request your free Coalition Risk Assessment. We use the same data along with advanced analytics and machine learning to drive our underwriting decision for cyber insurance. Based on the risk surface and potential vulnerabilities, we decide whether or not to offer a policy and at what price.
Coalition insurance platform
This is a good point to pick up the discussion about our insurance platform. This is the application that we offer to insurance brokers and partner organizations to be able to quote and sell Coalition cyber insurance policies. Think about the insurance platform as a complex workflow engine. We first have to ask all of the right questions (attestations in insurance speak) based on the type of policy, locale, and coverages. Then, our underwriting engine matches information about the customer with the data from the security platform about the customer’s assets and potential threat vulnerability.
This is where we make the critical determination of how to price the risk associated with issuing a policy for this customer. That decision is driven by machine learning models that we continue to refine over time with our unique and ever-expanding data set about cyber risk exposure and its manifestation. Once we have produced a quote, the platform enables brokers to manage one or more quotes for any given account leading hopefully to a bound insurance policy. After the customer becomes a policyholder, other lifecycles start up, including invoicing/payment, deeper activity across the security platform, and then eventually renewal.
Our journey with a customer doesn’t end there, though. All Coalition policyholders receive access to our security platform and we proactively help them monitor for any new vulnerabilities or changes in security posture that occurs over the course of the policy. This is that alignment of incentives that I spoke about above in action. Coalition and our customers are equally invested in avoiding any manifestation of cyber risk.
I can’t take credit for the decision to run Coalition on AWS. That happened well before I got here and I was very happy that they had. AWS has the broadest array of services and the best operational performance by a wide margin. AWS is also continually listening to their customers and has a never-ending train of innovation. Fast-forwarding to future state Coalition, we will be a large, global Fintech. Running on AWS gives us confidence that we can continue to leverage all of the investment from AWS and focus on our own core business value.
As just one example, we were able to leverage AWS services to create and deploy an end-to-end machine learning system in a period of weeks to help automatically flag risky companies in our underwriting flow. In addition to utilizing Sagemaker for model training, evaluation, and production scoring, we constructed our feature extraction, including external calls with Lambda Functions, DynamoDB, and Simple Queue Service (SQS).
Finally, we were able to easily turn the service into a scalable API via the API Gateway service. This led to an underwriting improvement that requires little maintenance and quickly recouped the engineering costs involved.
And finally, we are hiring! If you love AWS, cybersecurity, and fintech, this is likely an awesome place for you to work!