Leading Digital Lending Platform

/

Learn how a leading fintech company protects logs and stack traces with Nightfall

Our customer is a fintech company that supports and simplifies applications for mortgages, consumer, and deposit accounts. Working with hundreds of banks and financial services firms across the United States, this firm’s cloud banking infrastructure powers billions of dollars in transactions every day and handles millions of customer records.

Industry
Technology
Integrations
Slack
Google Drive
Salesforce
Github
Region
North America
On this page

Challenge

  • The customer’s platform is built on a complex, yet modern technology stack. Utilizing a combination of custom apps, third-party services, and an observability layer managed through applications like Datadog and Sentry. This cloud native approach means endpoint or network security would not effectively protect their organization.
  • Processing billions of dollars of transactions everyday that often contain PII means there is significant risk of PII or Secrets and keys leaking into scan logs and stack traces if they are left unredacted.

Solution

  • Using just a few lines of code, this company significantly reduced its security liability by automating the inspection and redaction of PII from logs and stack traces.

Challenge

The CISO who we work with has more than 30 years of experience leading and scaling best of breed security teams and programs. Having worked at a number of leading financial firms including card processors, he has witnessed first-hand how difficult it is to build scalable and robust security programs.

The customer’s platform is built on a complex, yet modern technology stack. The company has a combination of custom apps, third-party services, and an observability layer managed through applications like Datadog and Sentry. This cloud-first approach places API connectivity at the core of all its applications and services. However, this approach also presents challenges when it comes to security, with a large volume of log data flowing into Datadog and Sentry. The CISO is chiefly concerned with the risk of sensitive information in logs and stack traces.

“Any time something alerts, and it's false positive, that's a waste of one of my team member’s time. So low false positives is clearly a very important thing. In some cases, yes, we've either disabled or limited what controls are in place and replaced them with Nightfall. In other cases we put Nightfall in where there were no controls.”

CISO

This is certainly not a unique problem; in the course of application development developers may accidentally encode sensitive information inside logs and stack traces. This can result in the leakage of PII and secrets. If an external party ever gets access to these logs (such as in the Solana Slope Wallet Breach) it can result in a breach. Such data can remain undetected in logs for years, which is what happened at Facebook. Part of maturing an engineering org involves developing systems to reliably remove sensitive data at scale, because as the risk of sensitive data leakage can grow proportionately with the amount of data being processed. As one of the largest fintech loan platforms, trust is a core aspect of our customer’s brand, making it vital that it take a proactive approach on this issue. This led the company’s security team to adopt Nightfall's Firewall for AI to scan logs and stack traces for PII, API keys, and more.

Why the company adopted Nightfall?

Building & hosting highly accurate, ML based sensitive data classification algorithms is no simple feat, especially at terabyte scale. Our customer realized early on that they needed something API-based that could abstract this away and seamlessly integrate with their applications. Nightfall’s fully cloud-native data leak prevention solution was the perfect solution.

“We were looking for something that was API-based, because we're a highly-automated API driven organization. This includes everything from our platform itself to the underlying services that support it, including all the security operations.”

CISO

Initially, our customer used the native security features of Sentry and Datadog, but found the basic regular expression (regex) capabilities lacking. These solutions led to a high rate of false positives, adding substantial work for the security team. “Sentry and Datadog have some basic features, but it is regex-based. Any system that is just purely regex based has a high number of false positives,” the CISO says.

How are they using Nightfall?

Our customer leverages Nightfall's Firewall for AI to create workflows that check for sensitive data at multiple stages in their data processing, including within logs, stack traces, and data stores. With the ability to scan over one million logs a day, Nightfall sits between our customer’s applications and service layer and its SIEM, playing a critical part in the company’s DevSecOps workflow. Any sensitive data in the company’s logs is automatically redacted before being logged into Sentry. Simultaneously, this code is pushed back to developers for re-review, so that any code generating leaking logs or stack traces is removed.

The Results:

Based on the customer’s success with Nightfall, they have now removed many of the native controls their tools have in place, and replaced them with Nightfall. The company has achieved  robust protection and the elimination of manual work.

“The implementation process was very straightforward. The API documentation was clear. The development path for us was pretty quick. Automation is the number one thing we think about. Absolutely. Always. It's the only way to scale a security program: through automation. You can't scale it just by adding people.”

CISO

With Nightfall, the company has moved beyond a checkbox security approach to a proactive security posture, which has ultimately led to a reduction in financial and breach risk. This was achieved by leveraging the versatility of the Nightfall platform. They have found that the platform’s high accuracy in detecting sensitive information, as well as its ability to automate the removal of sensitive data saves substantial time for the security team.Nightfall’s ability to scan a wide variety of content from text, files, images, and more also offers a complete solution, helping our customer consolidate security vendors.This makes Nightfall a trusted partner when it comes to checking data across the company’s infrastructure, providing a significant peace of mind. For the company, proving the ROI of Nightfall has been easy because of how quickly he was able to integrate it into our customer’s workflow and see immediate results.

 “We saw that Nightfall had a low false positive rate, and high levels of customization and configurability.”

CISO

Nightfall Mini Logo

Getting started is easy

Install in minutes to start protecting your sensitive data.

Get a demo