Wiz Defend ist da: Bedrohungserkennung und -reaktion für die Cloud

Genpact speeds growth with secure AI-enabled solutions and DevSecOps processes

As Genpact accelerated its business transformation with AI advancements, it sought to increase visibility into cloud workloads and AI applications and empower teams to respond more swiftly to risks, fortifying DevSecOps and AI development processes.

Genpact

Industrie

Gesundheit

Region

Globale

Cloud-Plattformen

AWS
Azure
GCP
Oracle Cloud
Bereit für den Start?
Demo anfordern

Challenge

  • Genpact’s security team needed to centralize visibility across cloud workloads, AI applications, LLM model vulnerabilities, overly permissive identities, configurations, and exposures.  

  • Security needed to discover misconfigurations and exposures, using context, correlations, and reduce manual work to speed response. 

  • Security sought to shift left and address risk earlier in the development pipeline to improve the speed of product deployment and enhance the company’s security posture.

Solution

  • Genpact gained centralized visibility into its multi-cloud environment, including LLM models, vulnerabilities, code libraries, secrets, configurations, and metadata. 

  • The security team uses context and risk correlations on the Wiz Security Graph and Wiz AI-SPM capabilities to detect critical attack paths, including AI-enabled applications, and automate routing and remediation.  

  • Developers have fast insights into “toxic combinations” that should be quickly remediated, reducing noise and work strain.   

100% visibility icon

100% visibility

achieved across the multi-cloud environment

AI applications  icon

AI applications

deployed that are secure by design

Improved speed to remediate icon

Improved speed to remediate

zero-day vulnerabilities to within 7 days

Leveraging technology and security to accelerate business growth  

Genpact is a global professional services and solutions firm that partners with companies in highly regulated industries, using data, technology, artificial intelligence, and digital operations to transform their businesses. Like its clients, Genpact constantly evolves and runs 90% of its business across a multi-cloud environment protected by a best-in-class security program. 

While the company was an early adopter of multi-cloud infrastructure, its IT and security teams were hobbled by legacy CSPM solutions that identified misconfigurations but couldn’t rate or prioritize them. As a result, security teams had to manually ingest events and stitch together data from multiple platforms to contextualize and correlate issues. This process was cumbersome, reactive, and costly for a team that wanted to stay ahead of the latest threats.  In addition, Genpact sought to accelerate the deployment of artificial intelligence (AI)-powered applications that use real-time streaming data, large-language models (LLMs) and custom AI models, to automate processes and enable prescriptive analytics.

Accelerating our cloud migration wouldn’t have been possible without the help of Wiz, which provides a collective view of our exposures, identities, and vulnerabilities, both for corporate cloud environment and our acquisitions.

Rohit Kohli, Deputy Chief Information Security Officer, Genpact

Genpact leaders saw that they could accelerate the company’s cloud journey and AI-powered business transformation, while improving DevSecOps processes by centralizing visibility, context, and correlations about its risks. With this visibility, security would also have insight into existing—and new—hybrid cloud environments and AI deployments to uncover critical risks.  

In addition, Genpact wanted to shift left by involving security in earlier stages of product development, speeding up development cycles, and increasing product security and stability. “We need to test running configurations near real-time and understand how they work. We need to be aware if there’s an accidental misconfiguration by an IT admin or an intentional one by a threat actor, so we can act and fix it rapidly,” says Rohit Kohli, Deputy Chief Information Security Officer at Genpact. 

Gaining clarity into—and control over—multi-cloud security  

By connecting Wiz to its cloud environment, Genpact could progress toward its strategic goals faster. With unified CNAPP capabilities including DSPM and AI-SPM, security has the clarity to see into and protect its growing cloud and AI environment and sensitive data. The small team can proactively manage an IT footprint that spans multiple cloud providers and hundreds of projects.  

The company now runs more than 6,600 workloads in the cloud, from virtual endpoints and services to Kubernetes, containerized applications, and microservices. Genpact is also developing and scaling AI applications across its business.  

As a result, developers and AI teams need to automate the discovery of LLM models, vulnerabilities, misconfigurations and exposures, across sensitive data sources, workloads, and AI applications, so that they can prioritize risk remediation.  

Wiz not only tells us which virtual machine is exposed to the internet; it also provides additional context. We know who has administrative access, what the vulnerabilities are, and what data resides on those systems. We can bubble up the risk and severity level and make a compelling case when a system needs an immediate remediation.

Rohit Kohli, Deputy Chief Information Security Officer, Genpact

Genpact has connected Wiz directly to ServiceNow, so alerts are assigned to application owners for remediation. When the Log4j vulnerability was announced, the security team used Wiz to immediately identify where the vulnerability existed in application libraries and automatically assign owners remediation tasks. Previously, it would have taken four or five days to accomplish this task. With Wiz, application teams rapidly upgraded or removed affected libraries.   

Genpact has also matured its Infrastructure as Code (IaC) capabilities by integrating policies and monitoring tools into a single platform, reducing noise and workloads. This gain enabled Genpact to shift left, enabling developers to address risks earlier in the development cycle. “We have empowered our developers with direct access to Wiz, so they can log in and view their projects, resources, misconfigurations, and severity scores impacting their workloads,” says Kohli. As a result, security and development teams work collaboratively to address issues rather than having challenging conversations about why and when fixes need to be implemented. 

With Wiz AI-SPM capabilities, developers and security gain continuous visibility into AI models, training data, and AI services. They can proactively detect AI misconfigurations using built-in rules and automate the removal of AI attack paths. With secure AI pipelines, development and security teams can now accelerate the deployment and adoption of AI applications, such as new analytics-driven tools that help teams uncover new opportunities and speed decision-making.  

Embedding security deeper into development processes  

With greater clarity around cloud data and infrastructure risks and a unified team proactively addressing issues, Genpact has significantly improved its security posture and improved the time it takes to remediate critical vulnerabilities to within 7 days. “We have seen a significant reduction in the number of alerts,” says Kohli. “When we migrate workloads or deploy new AI applications, we focus on ensuring we have no critical severity alerts. That’s worked beautifully for us.” Genpact has been so successful with its risk remediations that it can now focus on less urgent issues.  

Teams also use Wiz Code capabilities to scan workloads, secrets, IaC, and identity and access management policies, reducing the effort to identify, prioritize, and mitigate risks across the product development lifecycle. “Wherever we have matured pipelines, we’ve been able to reduce the number of alerts significantly,” says Kohli. “This simplicity makes Wiz one of our most important platforms. It enables us to monitor and scale our complex ecosystem and securely enable applications on the cloud.” 

As a professional services firm, Genpact is at the forefront of AI adoption, so that we can bring something new to our clients. We use Wiz AI-SPM to accelerate the pace of AI application development and deployment, while enforcing AI security best practices. As a result, we can deploy AI applications that are secure by design and build trust with key stakeholders.

Rohit Kohli, Deputy Chief Information Security Officer, Genpact

Positioning for future growth  

By achieving complete visibility across its infrastructure stack, streamlining collaboration among diverse stakeholders charged with improving security, and using AI to automate remediation, Genpact is setting a standard for risk and security excellence.  Kohli says Genpact will continue to reduce the attack surface and enhance DevSecOps and AI deployment processes with Wiz.  

Eine personalisierte Demo anfordern

Bist du bereit, Wiz in Aktion zu sehen?

“Die beste Benutzererfahrung, die ich je gesehen habe, bietet vollständige Transparenz für Cloud-Workloads.”
David EstlickCISO
“Wiz bietet eine zentrale Oberfläche, um zu sehen, was in unseren Cloud-Umgebungen vor sich geht.”
Adam FletcherSicherheitsbeauftragter
“Wir wissen, dass, wenn Wiz etwas als kritisch identifiziert, es auch tatsächlich ist.”
Greg PoniatowskiLeiterin Bedrohungs- und Schwachstellenmanagement