Challenges
A rapidly growing serverless AWS environment made it nearly impossible to distinguish real, exploitable risks from alert noise.
A three-person security team needed to scale ownership across 80–90 IT staff without creating bottlenecks.
Accelerating supply chain attacks and AI-driven vulnerability discovery demanded earlier detection in the development lifecycle.
Solutions
La Centrale replaced alert overload with Wiz's Security Graph, which correlates exposure, vulnerabilities, and permissions into actionable attack paths.
With 95% of the IT department owning their findings directly, La Centrale scaled security accountability across the business without growing the security team.
La Centrale stopped vulnerabilities reaching production by embedding CI/CD scanning and PR-blocking directly into every feature team's development workflow.
Over 90% reduction in critical open vulnerabilities.
1.9 to 4.4 leap in NIST maturity score over four years of independent audits.
5-day SLA on critical vulnerability remediation, enforced and tracked across all feature teams.
The Challenge: Scalability, Noise, and Siloed Risks
As one of France’s most recognized digital automotive marketplaces, La Centrale attracts over 16 million unique monthly visitors and handles 30 million vehicle valuations a year. Powering this massive operation is a cutting-edge, fully serverless AWS environment consisting of more than 2,000 Lambda functions driven by autonomous feature teams.
With a fast-moving CI/CD cadence, the security function responsible for this vast footprint consists of just three people: Nicolas Poulain (Deputy CTO), Tristan Lasalle (Solution Architect), and Dhouha Melki (SecOps Engineer). Equipping the broader IT organisation to own security wasn't a nice-to-have; it was essential.
When a change of shareholders brought rigorous external audits and an initial NIST score, the team knew they needed to rapidly accelerate their security program. However, their legacy security tooling lacked context. It bombarded the team with disconnected findings (vulnerabilities, misconfigurations, and identity risks) without correlating them into a coherent picture of actual business risk.
To determine if a vulnerability was actually exploitable, the team had to manually correlate network exposure, IAM permissions, and data sensitivity. At scale, this approach was unsustainable, creating bottlenecks and friction with development teams.
The hardest part was quickly answering a simple question: what is actually exploitable and critical for the business? That lack of contextualization slowed everything down.
Nicolas Poulain, Deputy CTO, La Centrale
The Solution: Graph-Based Context and Shared Ownership
La Centrale replaced legacy alert noise with the Wiz Security Graph. Instead of treating issues in isolation, Wiz automatically correlated exposure, vulnerabilities, permissions, and sensitive data to map out true, critical attack paths. This immediately eliminated the guesswork for the security team.
To truly scale, La Centrale democratized security by mirroring their DevOps culture. Today, 95% of the IT department has direct access to Wiz. Every feature team is equipped with a dedicated dashboard showing contextualized findings within their specific scope.
Through automated Jira integrations, developers receive pre-populated tickets complete with attack path analysis and clear remediation steps. Security has shifted from a roadblock to an integrated element of the development workflow.
Proactive Threat Defense and "Shifting Left"
This decentralized model proved its value when a malicious open-source package threatened to exfiltrate API keys from developer environments. The Wiz Threat Intel Center flagged the threat immediately.
We heard about the supply chain threat on Reddit, checked Wiz, and there was a big red banner showing exactly which repositories were impacted. We raised high-priority tickets and patched before the vulnerability could be exploited.
Tristan Lasalle, Solution Architect, La Centrale
La Centrale has since extended this proactive posture into their development pipeline using Wiz Code for Infrastructure as Code (IaC) scanning, Software Composition Analysis (SCA), and secret detection. PR-blocking on critical findings stops vulnerabilities before they ever hit production.
Furthermore, the team is leveraging Wiz AI to triage findings and is running a proof of concept with the Wiz Green Agent to fully automate Jira ticket generation with tailored remediation blueprints.
The Green Agent creates a Jira ticket with the full description, attack path analysis, and remediation steps already populated. Developers have everything they need to act immediately.
Dhouha Melki, SecOps Engineer, La Centrale
The Results: A Model of Cloud-Native Resilience
By moving away from traditional perimeter-based security and legacy scanning tools, La Centrale has turned its cloud complexity into a distinct advantage.
Drastic Risk Reduction: Critical open vulnerabilities were reduced by over 90%, down to single digits.
Auditable Maturity: Independent external audits mapped a dramatic improvement in their NIST maturity score, climbing from 1.9 to an elite 4.4 out of 5.
Operational Discipline: La Centrale enforces a 5-day remediation SLA on all critical findings, tracked monthly per feature team, turning security accountability into a measurable, team-level commitment.
For good adoption, security has to fit naturally into the team's workflow. We give it in small doses, demonstrating value gradually rather than imposing change all at once. The teams own their security now, and that would not be possible without Wiz.
Tristan Lasalle, Solution Architect, La Centrale
Ultimately, Wiz provided La Centrale with a force multiplier: a way to transform a three-person security team into an organization-wide culture of proactive defense.
What we tell other organizations is that the main value of Wiz doesn't come from detection alone, it comes from contextualization. The ability to link exposure, identity, vulnerability, and sensitive data completely changes how you prioritize. Wiz enabled us to move from an alert-volume mindset to an exploitable-risk mindset.
Nicolas Poulain, Deputy CTO, La Centrale