CUSTOMER CASE STUDY
Upwind in Action: Rivery
Industry: Data Management
Challenges
- Rivery’s previous static threat detection tools did not give real-time visibility.
- Noisy tools overwhelmed Rivery with too many vulnerability and misconfiguration alerts without clear prioritization insights.
- Rivery needed to find a unified solution that would give them 24/7 service and reduce the load on their security team.
Solutions
- Upwind’s runtime threat detection allows Rivery to meet compliance requirements and respond to malicious actors in real time.
- Upwind’s prioritized vulnerability management filters vulnerabilities based on criticality with runtime insights, allowing Rivery to understand what they need to fix first.
- Upwind’s MDR service gives Rivery 24/7 protection, allowing them to focus on the things that matter most to their organization while remaining secure.
Rivery is a data integration platform for modern data teams. Rivery leverages Upwind’s CNAPP for a number of use cases including real-time threat detection and response, network visibility and vulnerability management.
Ensure Compliance with Real-Time Network Visibility
Prior to using Upwind, Rivery relied on a log-based cloud security approach, which required them to send logs to their SOC provider. Rivery’s infrastructure spans multiple regions internationally, and they needed a solution that could provide runtime data for compliance purposes.
Rivery also uses a multi-architecture approach, including Kubernetes clusters and traditional scaling groups, and their security team needed a tool that would help their visibility expand beyond their team size. Using Upwind’s runtime insights and topology map, Rivery has been able to expand their security team’s capabilities with increased visibility into network traffic and access controls, real-time Internet exposure, and potential risks, including malware running in their environment. This increased real-time visibility allows them to remain GDPR compliant and ensure that their assets aren’t communicating with noncompliant entities.
“The entire process using Upwind was incredibly simple. Within minutes of deployment, we already had 24/7 eyes on our infra with Upwind’s MDR service.”
Alon Reznik | Chief Architect, Rivery
Moving from Static to Real-Time Threat Detection
In addition to seeing network traffic in real time, Upwind’s topology map allows Rivery to proactively hunt for threats and view malicious processes that are running in their environment as they occur. This ability to instantaneously view threats and respond to them is crucial for Rivery and allows them to ensure that their data and assets remain safe, in real time.
Upwind gives Rivery the ability to detect and respond to threats in real time across their entire infrastructure, including AWS EC2 and EKS, as well as proactively monitor for any suspicious activity. Upwind’s real-time network topology map gives Rivery the ability to monitor traffic end-to-end, including across AWS services such as ElastiCache, S3 and DynamoDB, and helps their team identify any potential threats and proactively address them. By using both AWS and Upwind, Rivery is able to remain agile – building and scaling quickly in EC2 and EKS, while monitoring traffic in real time across AWS infrastructure and services with Upwind.
Managed Detection and Response in Minutes
“Upwind’s detailed threat detections provide us with all the context we need from our CI/CD pipeline, process trees and network topology, allowing us to increase our time to resolution by 7x.”
Alon Reznik | Chief Architect, Rivery
Improved Time to Resolution with CI/CD Context
In addition to real-time threat detection and response, Upwind’s ability to provide detailed context with every detection allows Rivery to immediately understand the root cause of threats and vulnerabilities, going as far as identifying the developer who introduced the vulnerability. Upwind leverages eBPF-powered runtime context, as well as data from CloudTrail, IAM, and Identity Center, pairing it with CI/CD pipeline context, process trees and network topology to enable Rivery to rapidly understand the cause of detections and cut their time to resolution by 7x.