Ansarada makes data-based security decisions to support secure information sharing

Ansarada adopted Wiz to gain complete visibility into its IT infrastructure to equip teams to remediate security risks.

Ansarada

Industry

Financial Services

Region

Asia Pacific

Cloud Platforms

AWS
Kubernetes
Ready to start?
Get a demo

Challenge

  • Ansarada requires continuous monitoring of its technology to identify and remediate potential security gaps, and its cloud environment became increasingly complex to track and manage.

  • Ansarada’s products depend on retaining airtight security measures, and the company needed to prioritize its cloud security by incorporating security practices into the work of everyone in the technology teams. 

  • As the organization grows, it wants to focus time and resources on developing new features and products rather than trying to uncover, understand, and remediate vulnerabilities. 

Solution

  • With Wiz, Ansarada has complete visibility across its complex IT environment and can easily identify and address potential risks.  

  • Ansarada has democratized security management with Wiz to make cloud security a dispersed, company-wide responsibility rather than the domain of a specialized team. 

  • Ansarada uses the context provided by Wiz to better understand and prioritize security issues faster, so developers have more time to focus on shipping new products. 

Prioritizing cloud security for better information management 

In the middle of mergers and acquisitions, the last thing companies want to worry about is potentially leaking proprietary information. Virtual data rooms help ensure that critical information can be moved securely between the parties involved in these deals, but Ansarada takes the data room a step further. The company’s goal is to bring order to organizational chaos. In practice, this means helping customers—from small and large companies to government offices—efficiently manage and share information throughout their deal processes.  

During its search, Ansarada identified opportunities to update its own security remediation processes to give its developers more time to build new products. “As we mature, we want to establish processes that support our entrepreneurial spirit and rapid growth,” said Dean. “We need to make more decisions based on data rather than gut feeling, and that includes our cloud security decisions.” 

We were addressing potential issues because they were listed as P1, but we didn’t know if they were really P1. There wasn’t any way for the IT team to know which were actually urgent, they just saw a P1 incident alert. We needed context to focus our efforts in the right place.

Mick Dean, COO, Ansarada

Making these data-based security decisions was difficult without a dedicated cloud security function. Additionally, the security insights Ansarada previously had access to lacked context. The context was especially important because Ansarada’s complex cloud environment—made up of more than 30 AWS accounts plus a wide variety of Kubernetes clusters and virtual machines—is complicated to navigate for even the most well-versed security experts. 

Against this backdrop, Ansarada’s legacy security solution wasn’t able to help the company prioritize vulnerability management. “We have limited resources for managing security threats, and we need more context to ensure we’re targeting the right things with those resources,” Dean said. 

Integrating cloud security into day-to-day operations 

To efficiently gather more actionable information on its security posture, Ansarada adopted Wiz. “We saw the opportunity to work with a mature product that’s easy to use, provides the context we need around security alerts, and integrates with our existing tools,” Dean said. The company started its rollout by educating its teams about how to use Wiz. “We cross functionally manage security, which means security is a shared responsibility. With everyone onboarded to Wiz, now we have a place to start conversations,” Dean added. 

Creating organizational change required operationalizing security management by automating its remediation process for engineers. “We’d managed our security tickets in JIRA before, but we’ve been able to make it more efficient by connecting it to Wiz,” Dean said. “Our developers can now see all of the context they need to address a vulnerability directly in JIRA.” 

Wiz provides the information our engineers need to handle security tickets efficiently. They’re provided context about issues they need to resolve, so they know exactly where to go and what to do about each security alert, which means they're more likely to respond in a timely, frictionless way.

Mick Dean, COO, Ansarada

By saving time not trying to constantly understand and address security tickets, Ansarada engineers can focus on new product launches. This includes feature enhancements for its existing virtual data room or growing its new Environmental, Social, and Governance (ESG) products and Governance, Risk, and Compliance (GRC) services.   

“Maintaining our security posture is invaluable work, but if our engineers have to search for information for each incoming security alert, they’re not able to work on other projects,” Dean said. “With Wiz, they have access to detailed information at their fingertips to fix an issue and get back to writing code for new products that we’re excited about.” Ansarada has also incentivized its developers by providing additional performance bonuses tied to meeting Service Level Agreements (SLAs) for remediation that can be tracked through Wiz. 

Uniting company-wide efforts to build a more secure organization 

Beyond supporting developers and engineers, Ansarada also uses Wiz to communicate with nontechnical teams across the organization. “Wiz talks to all audiences,” said Dean. “There’s information in the finer details for the people that need it, but it’s also available at a high level from a reporting perspective.” These details are available instantly, and as the company continues to operationalize its security processes, teams don’t have to rely on complex manual processes to find the information they need. 

The Wiz security graph draws together seemingly disparate pieces of our infrastructure and provides a compelling explanation on why something should be reviewed. We can access so much information in so few clicks.

Mick Dean, COO, Ansarada

The company now has a designated Slack channel for security “champions”: team members from across the organization who want to stay informed and involved in Ansarada’s security operations. With security efforts distributed across the company, Ansarada is discovering new ways Wiz can help the business grow. 

Greater visibility and more automation mean that the company can strive for even faster SLAs as the security program scales. From a business perspective, Ansarada also sees new potential opportunities to partner with Wiz to secure future business growth. “Our business operates in the world of due diligence,” said Dean. “If an M&A opportunity comes up for us, we would be far more confident in understanding the risks and opportunities in the business by taking advantage of everything Wiz has to offer.” 

Get a personalized demo

Ready to see Wiz in action?

“Best User Experience I have ever seen, provides full visibility to cloud workloads.”
David EstlickCISO
“Wiz provides a single pane of glass to see what is going on in our cloud environments.”
Adam FletcherChief Security Officer
“We know that if Wiz identifies something as critical, it actually is.”
Greg PoniatowskiHead of Threat and Vulnerability Management