Case study

How Brex bridges the gap between security, DevOps, and compliance with Bridgecrew

  • To help them identify cloud security gaps, Brex needed an all-in-one solution to monitor both their cloud and infrastructure-as-code for misconfigurations
  • Bridgecrew gives Brex both oversight into their AWS accounts and the tools to prioritize and remediate violations
  • By enabling them to embed cloud security into their CI/CD workflow, Bridgecrew helps Brex address cloud security issues faster and prevent them from being deployed

 

 


Customer: Brex

About: In 2018, Brex launched the first corporate card and rewards program specifically designed for startups. Since then, they’ve transformed B2B payments by rebuilding the credit card tech stack from the ground up.

Industry: Financial Services

Size: 450+ employees

Stack: AWS, Terraform, GitHub

The challenge

Brex’s DevOps, security, and compliance teams work hand-in-hand to build, secure, and govern their cloud infrastructure. As a financial services organization with a modern and cloud-native stack, the Brex team has invested heavily in building scalable and immutable infrastructure, utilizing Terraform to orchestrate their AWS resources. This scalability has allowed them to keep pace with business and innovate fast.

To keep their quickly evolving stack secure, they sought oversight into their production cloud accounts as well as their infrastructure-as-code configurations.

“We turned to Bridgecrew to help analyze and enforce security and compliance industry standards across our teams—engineering, DevOps, security, and compliance.”

— Shruti Gupta, Director of Engineering, Brex

The solution:

Brex leveraged Bridgecrew to gain insight at both the cloud level in run-time and the infrastructure-as-code level in build-time.

With comprehensive scanning for AWS misconfigurations and policy violations, the Brex team could be sure they knew about any gaps and were able to address them. With real-time scanning for Terraform security issues, Brex developers are notified when issues are detected in their build pipeline as part of CI/CD, which helps prevent those issues from being deployed.


In addition to identifying and preventing cloud security risks, Bridgecrew equips Brex’s GRC team with audit-ready compliance benchmark reports for PCI, SOC2, and more.

The outcome:

By leveraging Bridgecrew’s build-time and run-time scanning, Brex has been able to address gaps in their existing cloud security posture and instate guardrails to maintain it over time. Preventing issues in development with Bridgecrew has also helped Brex save hours spent chasing down issues in production.

“Today, we use Bridgecrew to track misconfigurations and manual unauthorized changes to the environment and to quickly remediate them.”

— Shruti Gupta, Director of Engineering, Brex


As Bridgecrew has continued to add new policies to its platform, Brex has been able to stay on the cutting edge of cloud security best practices with every deploy.