Industry: eCommerce Marketing Platform
“Upwind has reduced our time to remediation by 4x.”
Challenges
- Yotpo needed a security solution to give them visibility into their production environment in order to understand resource communication and behavior
- Yotpo wanted to go beyond a CSPM to find a platform that would give them real-time protection against threats
- Yotpo needed a platform that would provide streamlined root cause analysis and provide insights into the cause of issues and threats.
- Yotpo needed a way to cut down vulnerability alert noise and prioritize critical risks for remediation.
Solutions
- Upwind’s runtime insights give Yotpo real-time visibility into resource communication and resource behavior, as well as understanding resource behavioral baselines
- Upwind’s comprehensive cloud security platform provides Yotpo with CSPM capabilities, as well as real-time threat detection and the ability to respond to threats as they are detected.
- Upwind’s end-to-end context provides Yotpo with built-in root cause analysis for every finding, helping Yotpo’s security team go directly to the source and significantly reduce the time to remediation.
- Upwind leverages runtime data and correlates it with build-time context, helping Yotpo focus remediation efforts in the most impactful areas.
About Yotpo
Yotpo is an eCommerce retention marketing platform that drives repeat shopper sales with connected solutions for reviews, SMS, email, loyalty, and subscriptions. Yopto leverages the Upwind Cloud Security Platform for real-time visibility into resource communication and behavior, as well as runtime threat detection and response and streamlined root cause analysis.
Using the Upwind Topology Map has been key in understanding what we have deployed and how we operate. The real-time insights into resource communicated and detailed visibility into connections with services has helped us to build and run more efficiently and securely.”
How Yotpo Leverages Upwind
Yotpo needed a security solution that would give them visibility into their production environment in order to understand resource communication. Yotpo has advanced cloud infrastructure and wanted to ensure visibility into what resources were doing at any given moment, but prior to using Upwind their team had no visibility into runtime.
By using Upwind, Yotpo is able to receive runtime insights and gain real-time visibility into resource communication and resource behavior, as well as understanding resource behavioral baselines. Upwind’s ability to baseline behavior for every resource has helped Yotpo to not only understand what their infrastructure entails at any given moment, but to also quickly identify traffic patterns and resource behavior. This has enabled them to operate more efficiently and adopt a more proactive approach to security.
Going Beyond a CSPM with Real-Time Protection
Yotpo previously used a CSPM platform to strengthen their cloud security posture, but they wanted to advance their security efforts even further with real-time protection against threats. By using Upwind, they are able to continue their posture efforts while also adding real-time threat detection and the ability to respond to threats as they are detected.
When using their previous CSPM, Yotpo did not receive any insights into runtime. By using Upwind’s runtime visibility and insights, they are able to see network and resource information they previously lacked and understand what their resources are doing at any given moment. Upwind’s CDR capabilities also give them protection against advanced threats, including the ability to detect malicious behaviors in real time, kill malicious process and create prevention policies to keep malwares from ever running in their environment.
Saving Hours with Built-in Root Case Analysis
As a part of efforts to streamline security and reduce time to remediation, Yotpo needed a platform that would give streamlined root cause analysis and provide insights into the cause of issues and threats. Upwind provides Yotpo with end-to-end context and built-in root cause analysis for every threat and vulnerability finding, helping Yotpo’s security team go directly to the source and significantly reduce the time to remediation.
Yotpo now is able to understand if a user is doing something suspicious with Upwind’s identity security, which has saved their team hours of work by providing them with specific user information and giving them the ability to directly investigate the behavior. In addition, Upwind is able to help Yotpo deeply prioritize remediation efforts by cutting down alert noise to prioritize critical risks. This has helped Yotpo identify their most critical vulnerabilities and prioritize them for remediation, focusing R&D efforts on the areas that have the greatest organizational impact.
Connecting the Dots to Understand Security Issues
Prior to using Upwind, Yotpo’s team would spend hours getting to the bottom of security incidents and investigating root causes. By using Upwind’s Issue Stories, Yotpo’s team is now able to automatically correlate seemingly unrelated events to explain the timeline leading up to a security incident. This detailed event correlation saves Yotpo’s team countless hours of investigations, providing them with a detailed account of how an incident unfolded and taking them directly to the root cause. This has significantly cut down the time it takes Yotpo to triage incidents, reducing both time and needed manpower.
Upwind Issue Stories has drastically reduced triage and investigation time by correlating runtime detections with audit logs and giving us end-to-end visibility. Understanding who did what, how, and when, at a single glance has been a major game-changer.”
Summary
By leveraging Upwind’s deep build time and runtime context, Yotpo has been able to cut more than 95% of alert noise, focus on real risk, and streamline their investigations with automatic event correlation. By going from using a CSPM to leverage the full Upwind Cloud Security Platform, Yotpo has been able to focus team efforts, adopt real-time threat detection and response and strengthen their overall cloud security.
Upwind has taken our cloud security to the next level. The deep build time and runtime context has helped us prioritize issues that are truly critical to our organization and resulted in 4x faster time to remediation."
Uplift Your Cloud
Security Today
Schedule a meeting with a cloud security experts today to secure your cloud, reduce friction between your teams and proactively protect your cloud infrastructure and applications.
