SIXT is a leading international provider of high-quality mobility services. With our products SIXT rent, SIXT share, SIXT ride and SIXT+ we are providing an integrated premium offering across the fields of vehicle and commercial vehicle rental, car sharing, ride hailing and car subscriptions. In our core business “SIXT rent” we are providing our customers with more than 2,000 branches in over 105+ countries with a fleet of more than 350,000 vehicles (including franchise partners) – from high-end convertibles to premium SUVs.
Within SIXT TECH, we create solutions that make the customer journey more attractive, simpler and faster, and thus add value to our customers. These include, for example, our innovative booking process on the website and via app, our Mobile Check-in, which allows customers to speed up vehicle pick-up and avoid waiting times at the counter, and the ongoing installation of car gates, which make both pick-up and return faster thanks to transparent capture of the vehicle's condition.
The high relevance of the TECH Area is also reflected in the words of Erich Sixt, Chairman of the Supervisory Board of Sixt SE: “Over the years, SIXT has developed into a tech company with an associated car rental business.”
Mission Security Automation
The SIXT security engineering team delivers both fully managed solutions and self-service capabilities to enable our engineers to build best-in-class, secure products. At the same time, we continuously evolve our tools, practices and culture to minimize vulnerabilities and reduce attack surface risks.
Challenge:
As SIXT migrated to cloud and continues to expand its cloud infrastructure, the company needed visibility across its entire environment to identify vulnerabilities and misconfigurations.
The SIXT engineering teams were tasked with embedding risk management and detection practices into their workflows - without compromising on speed or scalability.
SIXT also aimed to foster a proactive security culture that prioritized access to information and reduced time to remediation.
Solution:
SIXT now maintains comprehensive visibility across its growing cloud footprint.
Security is seamlessly integrated into the development pipeline, enabling developers to remediate misconfigurations before deployment.
With natural language queries and easy-to-read charts, teams - from developers to senior leaders - can access actionable insights to continuously strengthen SIXT’s security posture.
Decreased critical issues by 85%
and high-risk issues by 75% in a few months.
Reduces remediation times
from days to hours or even minutes.
Catches more risks before deployment
by shifting development left.
Streamlining cloud security management by enhancing visibility
One of the most challenging topics for SIXT was the limited visibility into security events across its cloud footprint. The security team had to manually identify, evaluate, and communicate potential threats - a time-consuming process that increased the risk of critical events going unnoticed.
Additionally, existing security tools required constant manual maintenance, introducing friction that slowed down both the detection and remediation efforts. With around 9,000 deployments per month, maintaining an agile development environment while upholding consistent cloud security became increasingly difficult.
SIXT seized the opportunity to tackle these challenges by embedding security more deeply into its development and deployment processes. This shift included building a secure-by-design approach that matched the company’s rapid pace of innovation and growth.
Our goal was to enable developers to build secure-by-design products without compromising on speed - and with Wiz, we found a reliable partner to support us on this journey.
Ratish Venkitachalam, Senior Engineering Manager Cloud Security, SIXT
Faced with these challenges, the SIXT TECH team recognized the need for an advanced, scalable security platform that would streamline processes, empower development teams, and deliver real-time insights into security events. After an intensive evaluation involving engineers, developers, and the SIXT security guild, Wiz was selected as the Cloud-Native Application Protection Platform (CNAP) of choice.
Empowering non-security personnel with actionable security insights
As Wiz comes as an agentless solution, the Security team was able to deploy across more than 170 AWS accounts within just a few hours – a process that could have taken months with an agent-based CNAP solution.
“The deployment experience with Wiz was the smoothest I’ve encountered,” says Manjunath Maneppagol, Senior Cloud Security Engineer. “We integrated everything in hours without disrupting workflows or slowing scaling efforts.”
Wiz provides SIXT with unified cloud security solutions, including Cloud Security Posture Management (CSPM) and Data Security Posture Management (DSPM). With this consolidated view, SIXT has complete visibility into its cloud infrastructure – enabling the teams to identify vulnerabilities, misconfigurations, and sensitive data exposures more efficiently.
Beyond what native cloud tools offer, Wiz delivers comprehensive insights across business units, equipping teams to manage real-world risks more effectively.
“Wiz doesn’t just discover sensitive data - it gives us the context we need, like whether it’s exposed to the internet or contains exploitable vulnerabilities”, Manjunath Maneppagol says. By using the Wiz security graph, SIXT built custom dashboards to provide engineers with actionable insights tailored to their services. These dashboards enable developers to address the exact issues and provide clear prioritization and context to address security risks more efficiently. Discovered vulnerabilities have been integrated into sprint cycles without disrupting agile workflows. Engineering teams can use natural-language queries to see progress in the company’s security posture goals.
Additionally, Wiz’s integrations with Jira, Slack but also SIXT’s Security Information and Event Management (SIEM) platform make it even easier to collaborate across teams on discovered issues. Wiz helps automate workflows, routing alerts to the right teams automatically.
Transforming security into a business enabler
Since implementing Wiz, SIXT has improved and optimized the overall security posture, operational efficiency, and developer experience. Security has transformed from a potential bottleneck into an enabler of agile innovation. One of the most striking outcomes was the substantial reduction in vulnerabilities across the Cloud infrastructure, where SIXT reduced critical issues by 85%.
With our continued risk awareness and the Wiz CNAP baked into the development process, our engineers can resolve vulnerabilities within their sprint cycles. What once took days to address is now fixed significantly faster, enabling quicker responses to potential risks across our cloud environment.
Non-security experts can query our environment, prioritize actionable risks, and actively contribute to security processes – all without needing to consult the security team directly. That’s a significant change for sprint planning.
Manjunath Maneppagol, Senior Cloud Security Engineer, SIXT
