slice is a consumer payment application targeting Indian millennials
slice is an Indian fintech platform that is redesigning the experience of financial management for millennials and GenZ. To achieve this, they have a fast consumer payment application, which they believe will become the go-to for all their customers’ spending needs. They have strong traction in the market, with more than 12M registered users trusting slice to be their preferred payment solution.
The company’s mission is to make the world better by using their time and money. To achieve this, security, transparency, and top-notch customer service are crucial for their business strategy to attain customer loyalty and market share in a fast-growing market.
Fintech, in general, is a heavily regulated industry that operates within well-defined regulatory frameworks. These regulations, along with the sensitive nature of transactions handled by the slice, that too at a massive scale, make cloud security of paramount importance to them.
In order to continuously monitor the cloud security posture, slice’s Director of Technology, Srirang Ranjalkar, needed a hyper-responsive cloud security partner who empowered him to enable slice to serve their customers effectively while being protected against systemic risks to cloud infrastructure and customer privacy.
“PingSafe is unique as its context-aware CNAPP platform prioritizes the most critical threats in our cloud infrastructure, to resolve, with least false positives. The platform helps us monitor vulnerabilities proactively and in real-time. We have comprehensive security and compliance vigilance in place as we build India’s most trusted fintech platform.”Srirang Ranjalkar, Director Of Technology, slice
PingSafe’s context-aware CNAPP platform gives slice a unified security experience across multiple clouds
As they were setting up their infrastructure slice took a strategic decision to be multi-cloud across GCP and AWS. However, different clouds have different ways of configuring cloud assets, and different checks are implemented while provisioning these assets. Relying on cloud-native solutions will require maintaining separate teams for separate clouds, significantly increasing the security expenditure. While looking for a security partner, they wanted a solution that could give them a unified way of securing assets across multiple clouds.
One of the first features of PingSafe’s platform that stood out for slice’s security team was that it provided a single pane of glass to manage cloud security posture across both AWS and GCP. Moreover, the number of checks performed by PingSafe while provisioning assets across the cloud infrastructure was far more comprehensive as compared to other security solutions. Add on top of the reporting capabilities of PingSafe, and slice’s security team had a very powerful solution that allowed them to be secure in the cloud with real-time alerts for misconfigurations and significantly reduced false positives.
Srirang adds, “PingSafe is unique as its context-aware CNAPP platform prioritizes the most critical threats in our cloud infrastructure to resolve, with the least false positives. The platform helps us monitor vulnerabilities proactively and in real time. We have comprehensive security and compliance vigilance as we build India’s most trusted fintech platform.”
PingSafe’s compliance dashboard allows slice to be proactively on top of all their compliance needs
Being compliant across multi-cloud involves a long list of checks and following security best practices across various components of compliance standards like IAM, observability, and networking. This quickly spirals into a tedious task for the development team, especially for a fast-growing fintech platform like slice.
PingSafe helped slice address this challenge by providing a single dashboard to monitor its compliance status across multiple clouds. The dashboard highlights slice’s compliance status across its entire cloud estate by providing a compliance score, allowing it to quickly triangulate assets that need to be addressed on high priority. Moreover, any new cloud asset being provisioned across all clouds is automatically verified against standards, and alerts are issued in case any irregularities are to be found. This significantly reduces the workload of Srirang’s development team and frees up his mind space to focus on more vital tasks.
PingSafe’s secret scanning capability allows quick detection of hardcoded credentials and allows slice to shift-left their security
Hardcoded credentials pose one of the biggest threats to any cloud-based technology stack. To solve this particular challenge slice is leveraging PingSafe’s secret scanning capabilities.
PingSafe secret scanner, powered by its proprietary research framework, scans code repositories like GitHub, GitLab, and Bitbucket for more than 800 types of hard-coded credentials. In case a developer hard-codes secrets into these repositories, PingSafe’s secret scanner detects these credentials, verifies the secrets’ validity, and then blocks the commit, effectively preventing leakage and helping slice implement shift-left capabilities.
“Exceptional customer service is at the heart of our relationship with PingSafe. The team kept in constant touch with us and was willing to take feedback and implement requested features quickly. Their customer-centric approach has been the backbone of our success.”Gaurav Arora, Senior Security Engineer, slice
PingSafe’s exceptional customer service allows quick implementation of feedback and feature requests
One of the biggest highlights of the engagement between slice and PingSafe has been the effective collaboration between the teams. PingSafe’s team keeps in constant touch with slice via a dedicated Slack channel and has always been willing to take feedback on their product. Feature requests are also implemented within days. This customer-centric approach, which is a core value for PingSafe, has been instrumental in ensuring the success of the PingSafe CNAPP platform’s implementation at slice.
Gaurav Arora, Senior Cybersecurity engineer at slice adds, “Exceptional customer service is at the heart of our relationship with PingSafe. The team kept in constant touch with us and was willing to take feedback and implement requested features quickly. Their customer-centric approach has been the backbone of our success.”