SOC 2 Type 2 at Scale: Northflank Secures Enterprise Infrastructure with a 25-Person Team

Series A startup achieves SOC 2 Type 2 compliance and reduces vulnerabilities by 70% in three months, without a dedicated security team

Northflank

Industry: Technology

Region: Europe

Wiz products: Wiz Cloud

Use case: CSPM

Cloud platforms: AWS, Azure, GCP, Kubernetes

Challenge

  • Securing millions of container images and workloads with 20 engineers and no dedicated security function

  • Manual security audits stalling enterprise deals requiring SOC 2 Type 2

  • Scaling security across massive Kubernetes infrastructure running customer code

Solution

  • Deployed Wiz's agentless Kubernetes security platform for comprehensive visibility without production overhead

  • Consolidated multiple security tools into a single unified platform

  • Enabled 40% of the company to maintain enterprise-grade security across all infrastructure

70% reduction in vulnerabilities within 3 months

SOC 2 Type 2 compliance achieved

10 engineers securing infrastructure at a scale that would typically require a dedicated security organization

Founded in 2019, Northflank set out to solve one of modern software development's most persistent challenges: making Kubernetes accessible to developers.

Northflank is a self-serve developer platform designed to get workloads into production without teams having to manage Kubernetes directly. It supports a wide range of workloads out of the box, including long-running services, AI sandboxes, managed databases, and GPU workloads for inference and training. The platform handles everything from build and deployment to scaling, networking, and isolation, allowing teams to move from code to production with minimal operational overhead.

As Will Stewart, CEO and founder, explains, "Building and deploying software is still hard, even with Kubernetes. Northflank fixes Kubernetes for developers."

The growth has been rapid. With just 25 team members, 80% of them engineers, Northflank now supports over 70,000 developers deploying to production, managing millions of unique container images and workloads in the process.

Enterprise Security, Startup Resources

Scale created a paradox. As a platform running untrusted customer code, Northflank's control plane needed robust security. But with no dedicated security team and 20 engineers responsible for millions of container workloads, comprehensive coverage through manual processes was out of reach.

The problem became acute as Northflank expanded. Every enterprise deal came with manual security questionnaires. SOC 2 Type 2 certification, a hard requirement for many prospects, was essential. Adding headcount wasn't the answer. They needed technology that could multiply the effectiveness of the team they had.

"As a platform, our control plane needs to be incredibly secure. It's very manual without Wiz. A small team managing a huge amount of compute, it's almost impossible."

Will Stewart, CEO, Northflank

Northflank had a thorough evaluation process, watching the Wiz Platform evolve against their specific requirements. Three factors were decisive.

Kubernetes-native integration. Generic cloud security tools weren't viable. "The Wiz Kubernetes integration is essential," Stewart says. "If there was no Kubernetes integration, we wouldn't have chosen Wiz." Deep visibility into their container orchestration layer, workload relationships, and potential attack vectors was non-negotiable.

Agentless architecture. For a platform where every CPU cycle impacts customer workloads, traditional agent-based tools were a non-starter. Wiz's agentless model provided comprehensive coverage without production overhead.

Platform consolidation. Managing multiple security vendors would have recreated the exact problem they were trying to solve. "We didn't want to buy two tools, we just wanted Wiz," said Stewart. 

Access to a demo environment confirmed the decision, giving the team hands-on confidence before committing.

Today, 10 of Northflank's 25 team members use Wiz, with security distributed across the engineering organization rather than siloed in a specialist function. The Wiz Graph is central to their operations, mapping traffic, compute, and lateral movement across an environment running millions of container workloads.

Wiz also serves as a continuous safety net. "It's helpful that someone else is taking a look at these things," Stewart notes. "Wiz is there to expedite notifications if we've missed something." As infrastructure evolves and new workloads spin up, coverage stays comprehensive without manual oversight.

Security as a competitive advantage

Within three months of deployment, Northflank reduced vulnerabilities by 70%, a rapid transformation enabled by comprehensive visibility and prioritized remediation guidance. More significantly, they achieved SOC 2 Type 2 compliance, removing the barrier that had been blocking enterprise deals and adding a competitive advantage.

"Wiz gives us visibility and best-in-class integration with our cloud accounts. This allows us to cut through the noise and focus on what matters."

Will Stewart, CEO, Northflank

Ten team members now secure infrastructure supporting 70,000+ developers, a ratio that would be impossible with traditional security tooling or an agent-based approach.

Looking ahead, Stewart emphasises the value of partnership as Northflank continues to scale. "It's essential that we work with partners like Wiz who are ready to roll up their sleeves and jump in with us on helping us get access to key new features." As the platform evolves and customer requirements grow more sophisticated, a security vendor that innovates alongside them is critical.

For Northflank, Wiz resolved the central paradox of startup security: enterprise-grade outcomes without enterprise-scale resources. The result is security that operates quietly in the background, just as intended.
