challenge
As a result of her rapid cloud deportation, OffX found it difficult to obtain a central vision of its cloud environment, making it difficult to determine the potential weaknesses and risks.
OFX realized the need to unify security governance to address contradictions and potential weaknesses through black multi -infrastructure.
The development of fast products in OffX and the multi -rock strategy has made it difficult to comply with security goals through development teams with work to also comply with ISO27001.
solution
Off -Wiz was used to concentrate cloud safety management and gain a comprehensive vision of its multi -box environment, allowing the company to determine potential weaknesses and risks.
OFX used WIZ security capabilities to influence that security practices were aligned throughout the organization and improving priority.
Off X has improved cooperation between security and development teams with WIZ, creating a common understanding of security risks and enabling developers to obtain treatment treatment.
Zero
The risks that were achieved
SLA improvement to three days
To address the new critical risks
Immediately
To the weaknesses on zero day with the WIZ threat center and security graphic drawing
Security bottlenecks with 360 degrees safety solutions
Global Money Transfer, Offers, people and companies send and receive money to more than 170 countries in more than 50 currencies. The company provides global funds transfers via the Internet, within the application or via the phone, as well as products for foreign exchange risk management. ​​​
The Fintech space is facing similar security risks such as traditional banks and other financial institutions, including electronic attacks, databases, compliance violations, and fraud.
When OFX turns from local infrastructure to the cloud, it soon became clear that the company's security methods will need change, to provide continuous protection for its business and customers.
OffX has understood that by obtaining a full vision and setting security priorities as a shared responsibility throughout the work, Offx can overcome the modern challenges offered by its new multi -missile environment.
Previously, users had to log in manually to separate safety tools to manage the security situation. This disclosure of risk and weaknesses made a more complex process that assembled the OffX's Lean team, and did not make a 360 -degree angle of the entire cloud security position of the company. Without this insight, it was difficult to stay graceful and advanced to advanced threats, which led to a less active approach to security. OffX needed a central approach to security judgment. The company did not have a way to restrict users to carry out some procedures through multiple clouds and followed dedicated operations to treat problems when they occur, which made it difficult to form more and appropriate compliance through the cloud scene.
“I can't tell someone to take a specific path if I don't know myself, the direction we need to go,” says Ciso at off. “We had to understand what we had in our environment. If you did not know what exists, it couldn't be there.
Once we migrate to the cloud, we needed to understand the threats we face and follow everything through our infrastructure. Wiz gives us vision and peace of mind to find out what is happening in our cloud environment.
Andy Yap, Senior Cyber ​​Security Engineer, OFX
Improving vision and setting priorities and cooperation
When evaluating safety solutions, OFX looked at factors such as supporting multi -missile environments, the ability to provide actual time visions, ease of publication and movement. After turning on concepts with many sellers, the Off X team eventually chose its central vision, comprehensive security coverage, ease of implementation, and API integration capabilities.
Off their journey with Wiz by carrying out Wiz Cloud to reduce the risk of attack proactively through its cloud environments and processing risk. OffX reveals the weaknesses through the withdrawal and multiple work burdens without deploying agents or forming external scannings. “Wiz gives us one part of the glass we were looking for, providing a complete vision of our environment and the risks we face in the actual time,” says Loda. “A -Id information there is a moment we need.” To gain a deeper vision in its security situation, the team depends on the Wiz security chart to visualize the relationships between the various components of the OffX infrastructure, including evaluating the risk of in -depth containers, which facilitates the determination of potential weaknesses and attack paths.
At the same time, OffX also protects important data through multiple clouds and leads to compliance with organizational frameworks. By providing vision in possible non -compliance issues, OFX made requirements like ISO 27001.
Off X also monitors its cloud work burdens continuously for suspicious activity, and collects intelligence from multiple cloud services providers to discover threats that are proactive. The company uses Wiz along with CSP-EGLET tools and mutual reference accidents to ensure that its teams can continue to trust the source of truth.
Approaching the critical zero state with comprehensive safety tools and cooperation
Off X has strengthened a cooperative approach to treatment, using WIZ to provide a common understanding of security risks and enable developers to obtain treatment efforts. By integrating Wiz with its Jira ticket system, applicants can give priority to processing problems based on their intensity and potential impact, within their current workflow.
“Our developers need a more efficient way to manage tools to manage weakness,” says Andy Yap, chief cyber security engineer in OffX. “With Wiz, we can now give priority to problems that have real risks to our business context, ensuring that all critical problems are tackled in time.”
With Wiz, developers have the solutions they need to understand and address issues in time. We can address problems within three days.
Andy Yap, Senior Cyber ​​Security Engineer, OFX
Since the activation of WIZ through its business, OffX has improved its security situation, maintaining any zero critical risks, and it has reduced the average time to fix the new critical issues to three days. The company also established a better cooperation between security and development teams, and enabling them to use comprehensive data and visions from Wiz to make informed decisions on the company's security strategy.
“When working with our development and security teams to make changes, we needed to know how to advise them exactly,” says Yap. “Before Wiz, this was a little interactive and dedicated. Today, we can enable self -service treatment proactively to know that we are effectively communicating and working our Dev teams in the lock step with the security standards in OffX.”
We have moved from limited vision, measurement, or treatment capabilities to explore, understand and solve issues. Wiz gives us the full picture of our cloud environment and tells us exactly how to keep it safe.
Santanu Lode, Ciso, Off
An advanced partnership for long -term success
The OffX partnership with Wiz helped convert the company's approach to cloud safety. By taking advantage of WIZ capabilities for clarity and determining priorities and cooperation, OffX has managed to enhance its security position, reduce risks, and improve operational efficiency.
“There is no better response and clarity than what you get with Wiz,” says Yap. “The ease of implementation was not up to it, and we gained a vision in the actual time through our environment in one place, and Wiz will expand with us with the development of our environment over time.”
