Protecting Ledger’s infrastructure to demonstrate the strength of its own security products

Ledger, a blockchain security company, adopted Wiz to better monitor its own tooling and infrastructure to offer its users cutting-edge protections for cryptocurrency and blockchain assets.

Ledger

Industry: Technology

Region: Europe

Challenge

  • With a growing multi-cloud environment, Ledger needed to simplify and centralize security management to protect its assets. 

  • Cryptocurrency is a frequently targeted, high-stakes industry, and Ledger needs to identify and mitigate threats quickly to protect itself and its customers. 

  • Ledger has to stay compliant with strict financial services regulations and needs to see potential compliance issues before they become a problem.  

Solution

  • Ledger can now see across its entire cloud footprint with Wiz and easily uncover vulnerabilities anywhere in its cloud environment.

  • Ledger now uses Wiz to quickly identify risks and help its team prioritize which threats need to be addressed first. 

  • By building Wiz security policies directly into Kubernetes admission processes, Ledger can ensure resources are compliant and secure before they’re deployed. 

Integrated security earlier in the development lifecycle with the Wiz GitHub App and continuously scanning for risks at every step

Automated compliance by building security policies into the Kubernetes admission control process

Supports 200+ developers in a single security solution

Safeguarding the tools needed to protect crypto assets

Ledger is on a mission to secure crypto assets across the internet. The company offers both an online security solution and a suite of physical security devices, or hardware wallets, to help its users securely buy, store, swap, and manage their digital assets. As a security solution, Ledger’s brand promise depends on keeping both its data and its customer data safe. “We sell security products, so to build our customers’ trust in our solutions, we have to be transparent about how we’re keeping them safe,” says Enguerrand Allamel, Staff Cloud Security Engineer at Ledger.

We’re a fast-moving company, so it’s encouraging to look at Wiz’s change log every week, see new integrations or features, and know that it’s growing with us

Enguerrand Allamel, Staff Cloud Security Engineer

Since many of Ledger’s customers are integrating Ledger’s open-source solutions directly into their platforms, those end-users need to trust Ledger’s infrastructure as if it were their own. Additionally, consumers purchasing from the Ledger store also need to know data related to their purchases—personally identifiable information (PII) such as names, addresses, and credit card numbers—are stored safely. To accomplish this, Ledger relied on a Cloud Security Posture Management (CSPM) solution to monitor for and stay on top of risks, but the platform it chose lacked visibility across Ledger’s multi-cloud environment.  

For those threats the team could find, they struggled to prioritize which to resolve. “When we started using our previous security solution, we saw hundreds of issues, but there was no way to figure out what we needed to do first,” says Allamel. At a more strategic level, the company also wanted to shift development left and encourage engineers to integrate security early in development processes, so they wouldn’t feel as if security was blocking them when it came time to deploy.  

Creating a more secure offering with improved visibility 

Since the previous CSPM solution was unable to help Ledger identify and prioritize risk and lacked visibility into the varied layers of its cloud footprint, the company looked for another option. The team found that Wiz could not only provide the insight and risk prioritization they needed, but that it could also support real-time threat visibility and monitor Ledger’s data security in a single solution. “Wiz gives us complete visibility into our tooling,” says Allamel. “After gaining that visibility, the main advantage for us is being able to categorize and prioritize risks, so we know what needs to be resolved.” 

Wiz’s UX makes it easy for anyone, even non-technical users, to monitor our cloud environments. For example, since our data security team has visibility into our production environments they can more easily work with the security team.

Enguerrand Allamel, Staff Cloud Security Engineer

To protect Ledger’s vast array of both internal and customer data, the company is also using Wiz’s Data Security Posture Management (DSPM). Better understanding the company’s data security posture ensures Ledger can maintain compliance with stringent financial services regulations related to protecting consumer data. “We have to take care of our data and customers’ sensitive information. Using Wiz DSPM, we have insight into where that data is being stored and can ensure it’s safe,” Allamel says. 

By monitoring both cloud and data security together, Ledger has a clearer understanding of risks across its environment with greater context into risks related to its data, allowing for better prioritization. This consolidation has made it simple to bring together 200+ developers across multiple teams in one place to centralize security management. “All of our developers use Wiz,” Allamel says. “They access it through both the browser and through the API, and it’s made it simple for them to see risks at any point in the development lifecycle.”

Turning insights into action to secure code to runtime 

With Wiz Code, Ledger has connected its security monitoring capabilities to GitHub, so its developers can make more informed decisions about deploying secure code. “If a developer is doing a pull request for a Terraform modification, and there’s a misconfiguration, Wiz will provide a recommended course of action to correct the error before it’s deployed,” says Allamel.

Wiz Code helps us make decisions based on contextualized data and takes the guesswork out of secure development.

Enguerrand Allamel, Staff Cloud Security Engineer

Additionally, Ledger relies on the Wiz Sensor to scan for real-time threats, keeping the environment secure against potential cyberattacks. “We’re deploying the sensor anywhere we’re using virtual machines,” says Allamel. “It’s easy to deploy and run because Wiz comes with built-in security policies, so we don’t have to configure new rules to get started. With that, we can detect threats with little to no effort for our cloud and on-premise workloads.”

As part of the larger partnership with Wiz, the company is actively working with the Wiz team to implement new solutions and features as they’re released. “Wiz launches new features weekly, if not daily, yet it remains easy to onboard new users and help them feel like a co-owner of our cloud security program,” Allamel adds. “It brings our teams together, and we’re still discovering new ways to use Wiz as we grow.” 
