How Triplebyte created an application security foundation with Sqreen
- Started from a position of no application security at an early stage, and wanted to find a way to strengthen this area in a hands-off manner
- Couldn’t afford to sacrifice on performance or speed of development
- No security experts internal to the company
- Sqreen provides Triplebyte with hands-off security monitoring and alerting
- Sqreen’s ASM platform allows them to delegate application security and focus on building a high performance application
- Triplebyte has peace of mind into their security thanks to clear visibility into their applications and noise-less alerting
- The ability to understand and stay on top of their application security without the need for a dedicated security engineer
- Sqreen helped Triplebyte go from 0 to 1 and get started on security
Founded in 2015, Triplebyte is a jobs marketplace for software engineers. They work with thousands of engineers and over 500 companies, from seed stage startups to the largest enterprises. A Series B company with a lean engineering team of a dozen people, they’ve focused on creating a streamlined tech stack for their applications. They leverage Ruby on Rails and Postgres, Heroku for hosting, and React on the frontend.
In the early years of the company, the focus was around building an application that was performant and efficient. With limited resources, prioritizing their efforts was crucial. They couldn’t afford to spend a lot of time or resources on security, but even at the very early stages of building their applications, they felt that it was important to have some security protections in place. They were happy to delegate application security to a 3rd party solution if they could find one that fit their needs and capabilities. They looked at security scanners but found them to be too noisy. It was at this time that they came across Sqreen.
“I was familiar with New Relic, and when I saw Sqreen, I said to myself “oh, this is like New Relic for security.” At the time, I could deploy things myself, so I set up Sqreen, and when I saw how simple it was to use, I was excited.” – Guillaume Luccisano, CTO, Triplebyte
They set up Sqreen to test and quickly saw that it fit their use case. Their primary concerns when looking at a security solution were that it would overly impact their application performance, and that it would be too much of a black box. Sqreen satisfied their concerns across the board. They found that the addition of Sqreen had virtually no impact on their application performance, and rather than being a black box, it instead gave them the flexibility to dictate how it interacted with their application and provided more visibility into their application itself. Sqreen gave them peace of mind to know that there was something sitting on top of their application and preventing bad things from happening.
Without a dedicated security team, Triplebyte relies on alerting and periodic incident investigation if necessary. Early on, Sqreen proved its alerting value by highlighting malicious security scans and blocking them automatically. When the team needs to dive into the dashboard, Sqreen surfaces actionable details about suspicious users and bad actors.
“It’s a great feeling to know that some things are taken care of on the security front in a way that doesn’t degrade the performance of our applications. The impact is minimal and we’re more secure. The signal-to-noise ratio is great, so I only have to break my flow to focus on security issues when it’s merited.” – Guillaume Luccisano, CTO, Triplebyte
As they continue to scale and bring on dedicated security people, the team is looking forward to diving deeper into Sqreen features like Playbooks, which allow them to set up customized responses to specific occurrence, protecting against attacks on their business logic. But for now, having a security dashboard and alerting system that the team doesn’t have to check every day is exactly the right fit for their needs.
“I really like the Playbooks functionality. It’s great to have visibility into what’s covered by Sqreen, and the flexibility to dictate how I want to respond. This is super powerful and something I’m looking forward to digging deeper into as we scale.” – Guillaume Luccisano, CTO, Triplebyte
With application security covered, Triplebyte is now able to free up their security resources and focus on other areas of security, including compliance and operational security. They’re able to meet the needs of larger companies and maintain their velocity without being too exposed on the security front. With Sqreen, they have the security foundation they need to stay protected prior to hiring dedicated internal security resources.
Start protecting your applications today
Get continuous security monitoring and protection for your apps and scale your security.Get Started For Free