- Use Cases
When he joined mobile attribution and analytics leader AppsFlyer in January 2018, CISO Guy Flechter began implementing a wide-ranging cybersecurity program to protect his heterogenous environment.
“The nature of our business coupled with how quickly we’ve grown has led to an environment that is far from uniform,” said Flechter.
“With Windows devices in AD, Macs managed by JAMF, Linux devices managed by Chef, various security tools (such as: end point protection, EDR, deception and more) on every laptop, MDM solutions, deception agents, and so on, the result was a patchwork of security solutions. And although adopting best-of-breed solutions is the right strategy, it becomes a management headache.”
After implementing the best security tools for every device type, the AppsFlyer team realized that they needed an automated way to ensure that every device had the required solutions installed, and that users had the correct permissions to adhere to the overall security policy.
“We needed an easy and automated way to have clear visibility into which agents were missing from each device, and a way to know when users had rights that conflicted with our security policies.
For example, I want to immediately see all Windows devices missing an endpoint agent, unmanaged devices in various VLANs, and I want to know any time a user has been active but hasn’t changed their password in the past 60 days. These are really foundational elements of any cybersecurity program, and there were no good ways to get the answers,” said Flechter.
Guy Flechter, former CISO, AppsFlyer
By connecting the Axonius platform with the security solutions they had implemented, the AppsFlyer team was able to instantly see all devices – both managed and unmanaged – to take action and correct discrepancies.
“We were able to quickly identify any device that didn’t adhere to our policy and were able to turn on alerts to know any time a device or user fell out of compliance,” noted Flechter. “The ability to write highly granular queries and turn them into alerts gives us confidence that we’ll know any time there’s an anomaly that needs attention.”
Through its integration with known vulnerability feeds, the Axonius platform was also able to provide AppsFlyer with enriched vulnerability data for all devices. This deep, contextual information decreased the time it took to gather more data to investigate incidents and helped to prioritize patching and upgrades.
“I’ve rolled out countless security solutions in my career,” noted Flechter.
“And in many cases you run into bugs, dependencies, and unforeseen issues that take months to get fixed and IT teams struggle to find the exact locations of the gaps. The Axonius solution was dead simple to deploy, and I can’t say enough about the team and how quickly they responded to new feature requests or improvements. Any issue I faced or improvement I requested was solved in less than a week.”