Challenge
With a sprawling, rapidly expanding cloud environment, Amplitude wanted more visibility across its entire environment to better understand its risk profile.
Once issues were identified, Amplitude needed to improve its long-term and short-term remediation strategy for prioritizing urgent, impactful issues.
The company needed to ensure its security team was enabling and not blocking development by building a unified DevSecOps program.
Solution
Using Wiz to take inventory of its cloud footprint, Amplitude was able to immediately identify potential risks across its AWS environment and throughout its Kubernetes clusters.
Clear visibility combined with prioritized alerts helped the company identify and prioritize risks and build a remediation plan for ongoing risk monitoring and management.
Having a shared reference point for risks allows development and security teams to more easily collaborate to ship new features quickly and securely, shifting development left.
Eliminated all
discovered vulnerabilities
Consolidated security tooling
with a single CNAPP solution
Improved threat response times
by supporting communication between security and development teams
Fueling a customer obsession by evolving cloud security
Companies collect vast amounts of data about how their customers interact with their digital products. Digital analytics platform Amplitude helps its customers gain self-service visibility into the entire customer journey. It guides teams every step of the way as they capture data they can trust, uncover clear insights about customer behavior, and take fast action to improve their digital product experiences.
As a cloud-native, cloud-first analytics company, keeping information secure is a top priority. “Amplitude’s journey to security maturity is tied to our customer obsession,” says Terry O’Daniel, former Head of Security at Amplitude. “Shipping fast is the best way to understand our new solutions, get feedback from customers, and iterate, so we need security solutions that help us do that safely.”
We need to ensure our security posture meets data security, privacy, and compliance standards for customers of any size. Wiz gives us the visibility we need to show both our customers and our internal teams that we’re secure
Terry O’Daniel, Former Head of Security, Amplitude
To build a cloud security program that supports this culture of rapid development and deployment, the company had to start with improving visibility into its cloud environments. Amplitude has more than 5,000 virtual machines, more than 30 Kubernetes clusters, and a growing Amazon Web Services (AWS) footprint, but it needed to better understand its risk profile in order to use this infrastructure effectively and securely. “We not only need to look at the whole picture to take a holistic, long-term view of our environment, but we also have to meet the business where it is,” adds O’Daniel. “For us, that means iterating quickly and using time efficiently.”
The company’s existing security tooling wasn’t able to see across its multi-cloud environment, and its machine learning-based solution struggled to identify and prioritize important alerts because the team would have had to teach it from manual information. Amplitude sought a solution that would span the organization to provide a complete asset inventory, help reduce vulnerabilities and start security earlier in the development pipeline. This brought it to Wiz.
Implementing security for a company of data-driven decision-makers
With Wiz in place, Amplitude gained immediate insight across its environments to begin making more informed decisions about potential vulnerabilities. “We turned Wiz on, and it just worked,” says O’Daniel. “We were able to find the places where we needed to take action to mitigate risks right away.” The next step was to get buy-in across the company to encourage collaboration between development and security teams. Security began with demonstrating the value of Wiz to developers and reassuring them it wouldn’t negatively impact product roadmaps.
“Wiz lets us bring platform engineering and cloud security together in the same room, look at the same problems, and immediately understand who owns what, so we can assign work to the right owners and make improvements,” says O’Daniel. With that conversation started in Wiz, developers are able to step away to do what they do best: write code. “We can ship software faster while serving our customers with a secure environment,” says O’Daniel. “Security is like the brakes on our car. We can take turns fast because we know that if we need to, we can slow down, and Wiz ensures we know when to pump the brakes.”
Wiz is more than a product, we see them as a partner. The team helped us shape our internal case for Wiz CNAPP for our leadership team. Once we had buy-in, Wiz also answered extensive technical questions and helped us format our data to effectively tell our security story to our customers.
Terry O’Daniel, Former Head of Security, Amplitude
Having a security solution that developers can easily understand has helped Amplitude adjust the company’s overall approach to security. With Wiz Command Line Interface (CLI), Shawn Verilli, a former Senior Staff Security Engineer at Amplitude, embedded detection capabilities earlier in the development process to ensure developers are creating secure-by-design products. “As a practitioner myself, I can’t stress how valuable it is that I can plug Wiz CLI into our code or GitHub during a build to ensure we’re secure,” says Verilli. “That integration really helps push our shift left strategy because our developers have information where they work.”
With the increased visibility into its cloud, Amplitude also has a clearer understanding of who needs access to what information to efficiently remediate risks. “I don’t have to share all of Wiz’s data with all of our developers,” says O’Daniel. “I can show them precisely where and how problems could impact our environment, what the risks are, and which actions I propose we take, so we can focus our efforts and make an impact quickly.”
Customizing Wiz to meet evolving security needs
As Amplitude’s security strategy has grown, it’s also expanded its Wiz use across the organization. With the Runtime Sensor, the company saw an opportunity to add a new layer of visibility and defense into its live code without having to do a proof of concept for a separate solution. With real-time detection and response in place, the team has further consolidated how it responds to risks. “Having crisis, detection, and response processes all align to the signals we get from Wiz means we can approach issues with unified data and understanding,” says O’Daniel. “After an incident, we can continue to bake in some of what we get out of Wiz into our security incident response plan and continue to improve.”
This runtime visibility also simplifies the remediation process by providing more context that can be shared with developers. “Being able to see what's actually running is incredibly valuable because if a machine has 100 vulnerabilities, but only two of them have ever been invoked on the machine, I don't have to queue 100 tickets,” says Verilli. “I can see what’s actively running, file a clearer ticket request, and our developers feel like we respect their time.”
Wiz gives us a full asset inventory of our cloud resources. With the expanded insights we have about our environment, we can make more informed and more impactful security decisions.
Shawn Verilli, Former Senior Staff Security Engineer, Amplitude
Amplitude’s security team shares these ongoing security posture improvements with its senior leadership teams using Wiz’s built-in reporting. “Wiz gives us the ability to talk about cloud security, data protection, and data privacy,” says O’Daniel. “I have easy access to the data I want to talk to leadership about and can help inform the kinds of decisions I want leadership to make when it comes to resource allocation, and ultimately, where my team spends their time.”
A data-based company focusing on its data security posture management
Looking forward, Amplitude plans to expand its use of Wiz as a Data Security Posture Management (DSPM) solution to more clearly understand the scope of its enormous data footprint. “Data is core to our business,” O’Daniel notes. “We evaluated standalone DSPM tools for a while, but the sheer volume of data we manage at Amplitude made their pricing models untenable.” With Wiz DSPM, the company can integrate its longer-term DSPM plans into its existing Cloud Native Application Protection Platform (CNAPP) solution. It also plans to leverage this consolidation to democratize security management. By increasingly involving its developers in security management, Amplitude can more effectively safeguard its rapid product development cycles.
