Fast-growing Appsflyer Automates Security Policy Validation With Axonius

    Mobile attribution and analytics leader AppsFlyer works with over 12,000 customers, including Walmart, Nike, HBO, Tencent, and NBC Universal. They count Facebook, Google, Apple Search Ads, Salesforce, and Adobe among our ecosystem of over 6,000 technology partners.


    Key Challenges

    Validating that security solutions are deployed appropriately and users have correct permissions enterprise- wide.

    With a comprehensive inventory of all assets, users, and security solutions, AppsFlyer was able to get clear visibility into the deployment of the different security solutions and automate ongoing security policy adherence.

    Implementing Security Solutions at a Growing Company

    When he joined mobile attribution and analytics leader AppsFlyer in January 2018, CISO Guy Flechter began implementing a wide-ranging cybersecurity program to protect his heterogenous environment.

    “The nature of our business coupled with how quickly we’ve grown has led to an environment that is far from uniform,” said Flechter.

    “With Windows devices in AD, Macs managed by JAMF, Linux devices managed by Chef, various security tools (such as: end point protection, EDR, deception and more) on every laptop, MDM solutions, deception agents, and so on, the result was a patchwork of security solutions. And although adopting best-of-breed solutions is the right strategy, it becomes a management headache.”

    Ensuring Policy Adherence

    After implementing the best security tools for every device type, the AppsFlyer team realized that they needed an automated way to ensure that every device had the required solutions installed, and that users had the correct permissions to adhere to the overall security policy.

    “We needed an easy and automated way to have clear visibility into which agents were missing from each device, and a way to know when users had rights that conflicted with our security policies.

    For example, I want to immediately see all Windows devices missing an endpoint agent, unmanaged devices in various VLANs, and I want to know any time a user has been active but hasn’t changed their password in the past 60 days. These are really foundational elements of any cybersecurity program, and there were no good ways to get the answers,” said Flechter.

    The Axonius solution was dead simple to deploy, and I can’t say enough about the team and how quickly they responded to new feature requests or improvements.

    Guy Flechter, former CISO, AppsFlyer

    Simple, Automated Asset Management with Axonius

    By connecting the Axonius platform with the security solutions they had implemented, the AppsFlyer team was able to instantly see all devices – both managed and unmanaged – to take action and correct discrepancies.

    “We were able to quickly identify any device that didn’t adhere to our policy and were able to turn on alerts to know any time a device or user fell out of compliance,” noted Flechter. “The ability to write highly granular queries and turn them into alerts gives us confidence that we’ll know any time there’s an anomaly that needs attention.”

    Enriching Vulnerability Information

    Through its integration with known vulnerability feeds, the Axonius platform was also able to provide AppsFlyer with enriched vulnerability data for all devices. This deep, contextual information decreased the time it took to gather more data to investigate incidents and helped to prioritize patching and upgrades.

    Immediate Time to Value

    “I’ve rolled out countless security solutions in my career,” noted Flechter.

    “And in many cases you run into bugs, dependencies, and unforeseen issues that take months to get fixed and IT teams struggle to find the exact locations of the gaps. The Axonius solution was dead simple to deploy, and I can’t say enough about the team and how quickly they responded to new feature requests or improvements. Any issue I faced or improvement I requested was solved in less than a week.”

    Axonius is the cybersecurity asset management platform that lets IT and security teams see devices for what they are in order to manage and secure all. Interested in seeing what Axonius can do for your organization?

    See For Yourself.

    Book Your Demo