EvenUp Achieves 7x Faster Remediation with Upwind

“Upwind’s ability to deeply prioritize risks and focus on what is critical has empowered our team with 7x faster time to remediation.”

A man with short brown hair and a beard looks directly at the camera. He is wearing a gray shirt against a dark background.
Michal Gorniak
|
Engineering Lead, EvenUp

Challenges

  • EvenUp needed a way to improve API visibility and automatically discover and catalog APIs
  • EvenUp was previously using security offerings from cloud providers, and wanted to find a tool that would provide more comprehensive coverage in a single platform.
  • EvenUp wanted a way to leverage runtime insights for real-time threat detection and response, as well as a way to tie these findings back into their CI/CD pipeline for root cause analysis.
  • EvenUp wanted a way to extend its capabilities and optimize its security team’s bandwidth by prioritizing risk and focusing efforts.

Solutions

  • The Upwind Cloud Security Platform gives EvenUp the ability to automatically discover and catalog all API endpoints.
  • Using Upwind has given EvenUp a full cloud security offering in one comprehensive platform, going beyond previous cloud provider tools.
  • Upwind provides real-time threat detection and response capabilities, as well as build time insights for built-in root cause analysis and streamlined remediation.
  • Upwind’s risk prioritization engine cut down EvenUp’s alerts by 95%, allowing the security team to focus on the truly critical risks and focus their efforts on remediating them.

About EvenUp

EvenUp is an AI-powered legal services platform. Powered by millions of records, EvenUp turns medical docs and case files into AI-driven demand packages for injury lawyers. EvenUp leverages the Upwind Cloud Security Platform for enhanced API security, real-time threat detection and response, and to extend its security team’s capabilities with enhanced risk prioritization and streamlined remediation.

We wanted a tool that would extend our security team’s capabilities and focus efforts. Upwind has reduced the amount of alerts our team receives by 95% and helped us focus on the 5% of risks that truly matter.”

A man with short brown hair and a beard looks directly at the camera. He is wearing a gray shirt against a dark background.
Michal Gorniak
|
Engineering Lead, EvenUp

How EvenUp Leverages Upwind

EvenUp needed a way to move beyond utilizing cloud provider security tools while centralizing their security efforts. By using Upwind, EvenUp’s security team has been able to supercharge their efforts and do the work of a team that is 10x their size by gaining increased visibility of all of their infrastructure and applications, prioritizing critical risks and proactively remediating them.

Diagram illustrating a complex cloud architecture with multiple interconnected components, including RDS, ElastiCache, and DynamoDB, represented by icons. Lines connect these elements, with a central globe symbolizing global distribution.

7x Faster Time to Remediation

While EvenUp had an established security practice, they wanted a way to advance it even further with real-time threat detection and response capabilities. With Upwind, EvenUp is able to detect threats the second they occur and respond to them in real time, as well as proactively reducing their attack surface by proactively remediating risks.

Upwind’s integration with EvenUp’s CI/CD pipeline also provides built-in root cause analysis, allowing EvenUp’s security team to streamline remediation efforts. This has resulted in 7x faster time to remediation for EvenUp, highlighting their commitment to industry-leading security practices.

A dashboard displaying cybersecurity issues. Seven rows list issues related to publicly exposed containers, network scanning tools, and critical vulnerabilities. Filters for issue type, severity, resource kind, and more are shown at the top.

Prioritizing Critical Risks and Extending Security Team Capabilities

EvenUp has a small security team and wanted a way to extend its capabilities by prioritizing risk and focusing efforts. By using Upwind, they have been able to cut down the amount of alerts they receive by 95%, giving them the ability to focus on their most critical risks and streamline remediation efforts.

Upwind’s Issues Page prioritizes all risks for EvenUp so they have a clear, concise page with all of the needed information about each risk and why it is critical, as well as built-in root cause analysis and remediation recommendations. This has given them a clear starting point for remediation efforts and helped enable their team to extend its capabilities and ensure all critical risks are proactively addressed.

Funnel.svg

Automatically Discovering APIs

EvenUp needed a way to improve API visibility and automatically discover and catalog APIs. By using Upwind, their team has been able to automatically discover and catalog all API endpoints, including receiving relevant information about API traffic and requests over time. This has transformed how EvenUp views API security, giving their team increased visibility and understanding of API usage.

Upwind’s ability to show us resource communication in real time, including API traffic, has made a huge difference in how we do security. This increased visibility has informed how we view development efforts and given us the ability to ensure that resources are secure in real time.”

A man with short brown hair and a beard looks directly at the camera. He is wearing a gray shirt against a dark background.
Michal Gorniak
|
Engineering Lead, EvenUp

Summary

Upwind has given EvenUp the ability to prioritize and focus on critical risks, cut 95% of alert noise, detect and respond to threats in real time, discover and catalog APIs and have 7x faster time to remediation. Upwind’s ability to provide all of these capabilities in one centralized platform has empowered EvenUp’s security team and extended its capabilities, giving EvenUp the ability to ensure industry-leading security practice

We are committed to ensuring that our security practices are best-in-class, and Upwind has proven itself to be the needed solution for these efforts. Not only do we have less alerts to sort through and better focus, we now are proactively monitoring for threats in real time and improving time to remediation.”

A man with short brown hair and a beard looks directly at the camera. He is wearing a gray shirt against a dark background.
Michal Gorniak
|
Engineering Lead, EvenUp

Uplift Your Cloud
Security Today

Schedule a meeting with a cloud security experts today to secure your cloud, reduce friction between your teams and proactively protect your cloud infrastructure and applications.

Further Reading

Petrofac is a leading international service provider to the energy industry.

The RealReal is the world's largest and most trusted resource for authenticated luxury resale.

Anzu is the most advanced intrinsic in-game ad solution for mobile, PC, and console.