Challenge
Hivebrite’s cross-functional teams lacked holistic visibility across their multi-cloud environment.
Bombarded by excessive alerts from a legacy CNAPP platform, Hivebrite teams used manual processes to stitch together information about risks, becoming progressively more disengaged.
Cross-functional teams needed more insights into toxic combinations that increased data and other risks.
Solution
Hivebrite’s cross-functional teams leverage Wiz Security Graph to show interconnections among all assets and resources across their multi-cloud environment.
Infrastructure and development teams gain actionable features with Wiz that reduce alerts, surface high-priority risks, and decrease work strain.
With Wiz CSPM, Hivebrite teams can immediately see toxic combinations that they should address proactively.
Decreased alerts by 85% while surfacing critical and high risks for remediation
Created holistic visibility across the company’s cloud-native infrastructure, enabling teams to identify and prioritize risks effectively
Automated 85% of compliance requirements with key security frameworks
Adopting security-first development and management processes at a cloud-native platform company
Hivebrite is an online community management platform organizations use to manage events, data, and content, maximizing their impact. Headquartered in Paris, France, Hivebrite works with more than 900 alumni groups, businesses, non-profit organizations, and incubators, providing the tools they need to build and run thriving communities.
As a data-driven organization, Hivebrite’s security strategy is to deliver safe products and ensure the integrity, privacy, and security of customer data. The company’s security leaders sought to apply security monitoring throughout the software development lifecycle (SDLC) so developers could quickly investigate security issues and remediate them. The security organization is also responsible for ensuring that teams consistently follow security policies, addressing gaps and vulnerabilities quickly as they build and manage products. Finally, the group maintains security certifications, such as ISO 27001 and PCI DSS, that attest to the integrity of the company’s processes. The company and its third-party partners regularly audit those processes to ensure compliance with the relevant security frameworks.
To support its security strategy, Hivebrite operates a cloud-native platform based on Google Cloud Platform and AWS. The company uses multiple managed services, including Google Kubernetes Engine, Google Cloud SQL, and AWS S3, among others. In addition, the infrastructure, development, and site reliability engineering (SRE) teams use infrastructure as code (IaC) to create repeatable provisioning and management processes, ensuring that all resources are configured correctly, validated, and fully auditable.
We define success as not having any critical incidents within our company that impact customer data, followed by security policy compliance and maintaining the desired security posture of our products. Wiz has enabled us to empower cross-functional teams with risk insights, strengthen customer data protections, and secure end-to-end development processes.
Jeff Filippi, Information Security Officer, Hivebrite
Leveraging an all-in-one cloud-native platform to protect applications across their lifecycle
As the company’s growth accelerated, it began experiencing challenges with security and development processes. Hivebrite’s security leaders couldn’t see across all resources to get a composite view of risk. They also wanted to modernize security processes, shifting left and involving cross-functional teams in identifying, prioritizing, and remediating risks. However, the company’s legacy security solution couldn’t keep up with new requirements. The system had a disconnect between its runtime and CSPM findings, bombarding teams with noise and providing incorrect data they couldn’t effectively act on without stitching together findings. As a result, teams were becoming disengaged, using the tool less frequently.
Hivebrite’s security leaders decided to search for a cloud-native platform that could scan all assets, integrate runtime and CSPM findings, and identify and prioritize data and other risks, such as toxic combinations, that could harm the company’s compliance and security posture. The security team shortlisted two solutions and selected Wiz because of its easy-to-use interface, integrated CSPM and DSPM capabilities, built-in Wiz Cloud Compliance frameworks, and Runtime Sensor, which enables real-time monitoring and threat detection. As a result, Hivebrite is able to create a defense-in-depth strategy with just one tool.
“During our proof of concept, Wiz proved useful right away. It’s a plug-and-play solution you authorize to access your cloud environment. In just a few hours, you get a list of findings that should be addressed, including high and medium risks. Wiz also has built-in compliance frameworks that enable us to do ongoing integrity monitoring within our PCI DSS environments,” says Jeff Filippi, Information Security Officer, Hivebrite.
Hivebrite has a lot of different cloud services to oversee. We use IaC to ensure we’re building and managing our infrastructure consistently. As a result, we needed a cloud-native platform to manage all of these services, workloads, and data. We selected Wiz because it provides agentless processes, scanning our infrastructure and providing checks and audits on what is being developed and pushed out.
Jeff Filippi, Information Security Officer, Hivebrite
Detecting and remediating toxic combinations that could compromise data security
Hivebrite also sought to improve customer data protections. “The data that customers entrust us with is important, which is why we label everything confidential and ensure it’s encrypted. We need to ensure that no one can access it without formal authorization and that they have a valid business reason for accessing it,” says Filippi.
Previously, the company’s legacy security solution triggered excessive warnings because data policies were not effectively integrated across services. These false alarms caused development and other teams to experience alert fatigue.
Hivebrite now uses Wiz DSPM to scan all its data buckets, databases, BigQuery data warehouses, and data lakes to determine if data is confidential, contains PII, and can be accessed. Teams receive critical and high alerts for toxic combinations that correlate risks such as excessive access privileges, insufficient separation of duties, and inadequate data access control to detect attack paths such as unpatched vulnerabilities on public containers containing confidential customer data. By shifting left, developers address toxic combinations in testing rather than production, building products that are secure by design and decreasing risk remediation costs.
“That way, we have snapshots of whether our data is safe and the measures we need to take to protect it,” says Filippi. “So, for me and our data teams at Hivebrite, this is a huge win, and we are really happy to have activated the Wiz DSPM feature.”
Enabling cross-functional teams to address risk with less noise
After connecting Wiz, the security team was able to embed risk identification, prioritization, and remediation in continuous integration and delivery (CI/CD) processes. Previously, security teams identified high and medium risks, such as common vulnerabilities and exposures (CVEs), and brought them to developers’ attention. Now, developers use Wiz to identify risks as they build and test products rather than making time-consuming bolt-on fixes in production.
Because Hivebrite’s PCI DSS compliance depends on the team eliminating CVEs as they’re detected, the group managing the company’s payment gateway was the first onboarded to Wiz. Filippi told the team, “Here are your dashboards and risk tools, which are integrated into your CI/CD pipelines. You’re autonomous now. So, when you detect vulnerabilities, you must eliminate them according to our company’s patch policy.”
The company has since onboarded infrastructure, SRE, and development teams to Wiz, appointed security champions within teams, and holds bimonthly cross-functional meetings to discuss critical risks. Now, developers and other team members proactively bring up risk issues in their weekly meetings. “So that is how we drive change at Hivebrite: ensuring that people are responsible and autonomous and that they deliver value over time,” says Filippi.
Wiz is like a Swiss Army Knife with many features. It allows us to identify the real attack vectors in our infrastructure, identify and prioritize risks, and optimize scheduling. It has saved us a lot of time and enabled Hivebrite to improve its risk posture over time.
Jeff Filippi, Information Security Officer, Hivebrite
Empowering teams to detect and respond to threats in real time
Having optimized testing processes, Hivebrite is extending Wiz to Kubernetes production environments. The security teams use the Wiz Runtime Sensor to help protect customer data in production by connecting the dots between CVEs, anomalous runtime events, and the assets they affect. For example, if a library with a CVE is loaded in memory, Wiz flags it as a potential risk to investigate and address; if it is not loaded, the team can deprioritize it and focus on other risks. Similarly, the Wiz Runtime Sensor detects the presence of malicious actors and their activities so that teams can intervene swiftly to reduce these risks.
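The two prioritization ideas described in this case study, correlating a public, vulnerable container with the confidential data it can reach (the toxic combinations section above) and ranking a CVE lower when the vulnerable library is not loaded at runtime (this section), can be sketched as a small graph walk. This is an added illustration, not Wiz code or Hivebrite data; the inventory, CVE identifiers and severity rules are constructed for the example.

```python
from collections import deque

# Constructed sample inventory (not Hivebrite's environment). Each resource lists
# the resources it can reach; data stores carry a confidentiality label.
INVENTORY = {
    "web-api": {"kind": "container", "public": True, "reaches": ["customer-db"],
                "cves": [{"id": "CVE-EXAMPLE-0001", "loaded": True}]},
    "batch-job": {"kind": "container", "public": True, "reaches": ["exports-bucket"],
                  "cves": [{"id": "CVE-EXAMPLE-0002", "loaded": False}]},
    "admin-sa": {"kind": "service_account", "excessive_privileges": True,
                 "reaches": ["customer-db", "exports-bucket"]},
    "customer-db": {"kind": "database", "confidential": True, "reaches": []},
    "exports-bucket": {"kind": "bucket", "confidential": True, "reaches": []},
}


def reachable_confidential(inv, start):
    """BFS over 'reaches' edges; return (store, path) for every confidential store."""
    hits, seen, queue = [], {start}, deque([(start, [start])])
    while queue:
        node, path = queue.popleft()
        for nxt in inv[node]["reaches"]:
            if nxt in seen:
                continue
            seen.add(nxt)
            if inv[nxt].get("confidential"):
                hits.append((nxt, path + [nxt]))
            queue.append((nxt, path + [nxt]))
    return hits


def find_toxic_combinations(inv):
    """Correlate exposure, vulnerability, privilege and data sensitivity into findings."""
    findings = []
    for name, res in inv.items():
        # Public container with a CVE that can reach confidential data is an attack path;
        # it is critical only if the vulnerable library is actually loaded at runtime.
        if res["kind"] == "container" and res.get("public"):
            for cve in res.get("cves", []):
                for _store, path in reachable_confidential(inv, name):
                    loaded = cve["loaded"]
                    findings.append({"severity": "critical" if loaded else "medium",
                                     "cve": cve["id"], "path": path,
                                     "reason": "vulnerable library " + ("loaded" if loaded else "not loaded")})
        # Over-privileged identity reaching confidential data: high, independent of CVEs.
        if res.get("excessive_privileges"):
            for _store, path in reachable_confidential(inv, name):
                findings.append({"severity": "high", "cve": None, "path": path,
                                 "reason": "excessive privileges reach confidential data"})
    rank = {"critical": 0, "high": 1, "medium": 2}
    return sorted(findings, key=lambda f: rank[f["severity"]])
```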
Filippi says that Hivebrite used good security practices initially, but Wiz has brought clarity, control, and efficiency to teams’ work. That enables the company to innovate new products faster and scale operations in a secure and compliant manner, delighting its customers.