Integration platform Digibee was growing fast, doubling customers in just six months. But in this growth period, Digibee adopted disconnected security tools that made achieving full visibility a challenge.
The team struggled to identify and remediate all the risks in Digibee’s sprawling cloud environment that includes thousands of virtual machines and Kubernetes clusters.
While Digibee grew, it needed to maintain its compliance certification requirements, especially around PCI DSS payment card data security and SOC Type 1 & 2 cybersecurity controls validation, to meet customer and auditor expectations.
Digibee unified its approach to security and consolidated multi-cloud visibility with Wiz to secure its growing environment, despite having a lean team.
Digibee quickly and easily identifies risks using Wiz’s agentless solution, even those in individual Kubernetes clusters and virtual machines, to better monitor its entire cloud environment.
Digibee automatically produces reports that fulfill customers’ and auditors’ compliance certification requirements, especially around payment card data security and cybersecurity controls validation.
High-growth Digibee delivers a paradigm shift in systems integration
Digibee is a born-in-the-cloud, low-code integration-platform-as-a-service (iPaaS) provider. Built for developers, it scales integrations, optimizes developer resources, and helps IT leaders deliver powerful products and services.
The firm, founded in 2017 with its headquarters in Weston, Florida, drastically reduces the complexity of IT integration, enabling enterprises to digitally transform their legacy systems up to ten times faster than other solutions.
The need for integrations triggers around 60% of global IT backlogs. Digibee enables its customers to quickly clear these backlogs, adopt a future-proof architecture, and integrate and innovate at speed, all without needing a single line of code or investment in new systems.
Digibee doubled its client portfolio in just six months and is now a critical integration tool for more than 250 corporate customers, including Itau, Johnson Brothers and Payless. The company had to scale quickly to meet this demand, adopt more cloud services, and hire more employees. This rapid expansion meant Digibee needed to take its cloud security to the next level.
Building a market-leading iPaaS firm mid-flight
During five years of high growth, Digibee’s cloud security was managed by multiple stakeholders. In that time, the company created a large and complex cloud environment to serve its customers’ integration needs. This expansion included cloud-native technologies such as Kubernetes clusters and virtual machines, but with an increasing level of cloud complexity, the company needed a unified approach to security.
Digibee was using Google Security Center as its main security tool, but as it embraced a multi-cloud approach to its infrastructure, teams lacked a single view of their complete cloud environment. This meant it was difficult to identify and mitigate all the risks Digibee faced.
We were growing fast but didn’t have the visibility across our IT systems that we needed. We also had customers asking us for security certifications to prove that our systems were safe, reliable, and had the right levels of availability. We were basically building the plane while it was in flight.
Tiago Bernardinelli, Head of Cloud Engineering & Global Operations, Digibee
As the company grew, more and more customers, investors, and auditors were requesting proof that Digibee’s cloud environment met their standards of security.
“We had over 1,000 VMs under management, which is a pretty big environment, but we didn’t have the visibility we needed. This made due diligence checks a major challenge,” explains Tiago Bernardinelli, Head of Cloud Engineering & Global Operations at Digibee.
To continue growing, the company needed to provide security certifications—such as PCI DSS payment card data security and SOC Type 1 & 2 cybersecurity controls validation—quickly and easily. It also needed to achieve this without a dedicated cloud security function, so the company started a search for an external partner it could trust in its security journey.
Digibee fast-tracks its cloud security journey
Digibee wanted complete visibility into its cloud environments delivered by a unified, streamlined cloud security platform. It chose Wiz to achieve full cloud visibility in one dashboard and swiftly detect and remediate misconfigurations.
Consolidating its cloud security also helps teams locate personally identifiable information (PII) within Digibee’s cloud environment and ensure it is fully compliant based on its customers’ and auditors’ needs. It can also more efficiently generate compliance reports that can be easily shared with internal and external stakeholders.
The company has also been able to minimize security vulnerabilities by scanning all new software code that passes through Digibee’s continuous integration and continuous deployment (CI/CD) pipeline. By constantly monitoring new code, the company is more secure, and it can save on operations costs by identifying and switching off unused cloud resources uncovered during scanning.
Satisfying these requirements gave Digibee a better understanding of how its resources connect, creating a single source of truth for all of its security information.
The first thing that impressed me about Wiz was the way it generated an inventory of our cloud environment. In a very easy way, it showed me how our applications connect, how they interact with each other, and how they are open to the world.
Tiago Bernardinelli, Head of Cloud Engineering & Global Operations, Digibee
Digibee was also looking for an easy-to-deploy solution that could scan and inventory its cloud environment without the need for intrusive software or expensive data calls, controlling cost as the company continued its high-growth trajectory.
“The ability to find issues without using agents or other intrusive software inside our environment was crucial, not least because agents impact performance,” says Bernardinelli. “There are also cost implications when you scale in the cloud. Finding a solution like Wiz that’s non-intrusive but capable of gathering the information we needed was essential.”
Identifying historic vulnerabilities and achieving a ‘zero criticals’ pipeline
As soon as Digibee’s engineering team began scanning the company’s Kubernetes clusters, they identified critical cloud security vulnerabilities. For example, at least one redundant Elasticsearch instance was discovered, alongside other old pieces of software. Digibee also discovered critical PCI data storage issues that threatened compliance. Using Wiz, the team immediately addressed these vulnerabilities, and many others like them.
Giving everyone access to a single source of truth proved to be a major turning point in Digibee’s cloud security journey. With universal access, Digibee engineers have a prioritized view of risk, so they can easily see, understand, and remediate risk themselves. Digibee operationalized this single view of the truth using a two-week development cycle. Engineers meet once a fortnight to discuss risks discovered by Wiz and then create objectives and key results based on those findings.
As a result of implementing this new operating model to effectively remediate risk and eradicate security vulnerabilities early in the software development cycle, Digibee successfully achieved “zero-criticals” status.
Wiz is like my right arm. It puts the data in context and helps our engineers prioritize and understand what they need to do.
Tiago Bernardinelli, Head of Cloud Engineering & Global Operations
The compliance process has also been streamlined, with Digibee using Wiz to efficiently renew all-important compliance certifications.
The company has improved its cloud security posture across the board. Full visibility has enabled Digibee to establish an objectives and key results (OKR) regime, helping teams to prioritize key vulnerabilities and significantly shift the cloud security needle in the process.
“We now have a goal of fixing every critical vulnerability in five days and high vulnerabilities in 13 days,” says Bernardinelli. “Our engineers can now understand the issues, prioritize problems, and they know the remediation drill. The key is that everyone in my team has access to Wiz and if they see a quick win they don’t even need to ask, they just address it.”
Breaking new markets in a secure and sustainable way
Digibee continues to grow, adding new customers and more security headcount in the US—a highly competitive and more tightly regulated market than it has previously navigated. To grow, the company plans to continue building upon its cloud security program and demonstrating the safety of its environment to customers and auditors.