PeopleGrove Case Study

How PeopleGrove meets the security needs of their customers with Sqreen

Summary

Challenges

  • PeopleGrove wanted a way to improve their application security and better address the security questionnaires of their larger customers.
  • They wanted to gain visibility into their application’s security and block attacks automatically
  • Without a dedicated security team, they wanted a security partner and an easy-to-use solution that would bring a strong out-of-the-box value with the potential for advanced use in the future

Solution

  • Sqreen’s Application Security Management platform lets PeopleGrove confidently meet or exceed the security questions they get from their largest prospects and customers
  • Sqreen gives the team peace of mind with real-time, false positive free alerting and malicious attack blocking in production

Results

  • PeopleGrove has been able to pass their large customers security questionnaires with flying colors
  • PeopleGrove has integrated Sqreen into their development and alerting environment, making their developers more productive and secure


Founded in 2014, PeopleGrove is a SaaS platform in the education space, helping to connect every student and professional with the mentors, advisers, and network needed to realize their full potential. Currently over 70 people worldwide, PeopleGrove has been focusing on working with larger universities recently. On the technical side, they run a Node.js backend, and a React and Angular frontend. Today, security responsibilities are shared across the CTO and other engineering managers, as they have no dedicated security engineer in-house.

Peoplegrove illustration

As they began to work with larger and more sophisticated customers, PeopleGrove reached the point where security hit the top of their priority list. As they answered the security questionnaires larger customers were giving them, they realized they had a gap when it came to questions about proactive monitoring, firewalls, and application protection. In order to meet the requirements of their larger customers, they needed to make security investments that really moved the needle and had a strong impact on their security posture. At this point in time, they ran an annual pentest and security scanners, but it wasn’t enough for their evolving needs.

The team set out to find the next step in their security maturity journey. They wanted to be able to satisfy the requirements of their customers as well as be able to determine if an attack was taking place that they should react to. They researched several tools with mixed potential, and then they found Sqreen.

I liked Sqreen right away – the ease of installation and the technical sophistication of the product stood out immediately. It seemed like a foundational platform that would meet our needs today and that we could build off of more as we brought on a dedicated security team down the line.

Reilly Davis, CTO, PeopleGrove

The team implemented Sqreen and immediately started leveraging the out-of-the-box automatic configuration and a couple of Playbooks, focused on being able to detect and reset passwords. The team started monitoring their security in real-time for the first time, setting up Slack and email alerts. With a couple alerts per day popping up, they’re able to stay on top of their application security without getting buried in a flood of noise and false positives.

I really liked going with Sqreen because the baseline protection is so easy and gives us a lot of value without needing to dive too deeply into specific security minutia and manual configuration. The Sqreen team and product were sophisticated and enterprise-ready, so I was happy to jump in.

Reilly Davis, CTO, PeopleGrove

In addition to blocking and monitoring attacks from bad actors in production, Sqreen is helping PeopleGrove bring security into their development process. For example, one time the team deployed a couple of new features that triggered Sqreen because of the way SQL was passed through the features. The team paused and reconsidered that flow, allowing them to catch the issue before anyone else.

It’s often hard to find a great out-of-the-box default setup with advanced tools for people who want it. Sqreen nails this. The default is great, but there’s a lot of advanced potential with Playbooks and other features. It makes me and my engineers think of potential future use cases that can become part of new things we build.

Reilly Davis, CTO, PeopleGrove

As the PeopleGrove team handles security questionnaires today and looks forward to SOC 2 preparations in the near future, they’re pleased to know that their application security, and the related items for compliance, are well taken care of. The team can rest easy knowing that their application security is strong today and well set up for the future as they scale.

---

Request a demo to learn how Sqreen can help you protect your apps, APIs, or microservices.

Protect your SaaS application today

Get continuous security monitoring and protection for your apps without false positives.

Get Started For Free
Transparent security is here Scale your application security without impacting velocity Try Sqreen Today