How gridX leveled up its SaaS security program with Nudge Security

The Challenge

A fundamental requirement of complying with standards such as ISO 27001 and SOC 2 is maintaining an overview of the applications used within the organization and the permissions each user holds. gridX’s Security Team Lead, Alei Salem, had started building that overview in typical bootstrap fashion: by compiling a massive spreadsheet. He wasn’t far into the exercise when he realized it wouldn’t work. Not only would the spreadsheet become too large to manage as headcount grew rapidly, it would also require constant care and feeding (and relentless chasing of app admins) to keep it even close to accurate. Modern work moves fast, and a spreadsheet can’t keep up. He knew he needed a less manual, more scalable approach.

The Solution

When Alei joined gridX as a Team Lead in Security, one of the highest priorities was to figure out what SaaS tools were already in use at the company. He needed to fully understand the organization’s external attack surface, including the full extent of its SaaS footprint. That level of understanding, of course, begins with visibility.

Nudge Security was an easy decision for gridX, first and foremost, because its patented approach to full SaaS discovery immediately solved their most pressing challenge. But what made it a no-brainer was the product’s reasonable and transparent pricing, plus a particularly supportive customer onboarding experience. “The willingness to listen to any sort of feature requests during the trial period was really impressive,” remembers Alei. “There are a lot of platforms where they just give you access and that's it.”

The Results

Immediate historical visibility of gridX’s entire SaaS footprint
Streamlined access reviews and vendor assessments
Comprehensive employee offboarding for managed and unmanaged SaaS accounts
Complete SaaS attack surface visibility, including apps, accounts, OAuth integrations, and supply chain breach notifications

Key Benefits

Historical visibility of gridX’s entire SaaS footprint—without a spreadsheet

Within minutes of deployment, Nudge Security discovered gridX’s entire SaaS attack surface: managed and unmanaged accounts, users, OAuth connections, resources, and more. Alei and his team were finally able to get the full picture of who has access to what, and how. Which accounts sat behind SSO and which had MFA enabled were no longer open questions but readily available answers.

“Nudge Security gives us visibility of our attack surface and alerts us when an app we’re using has been breached,” says Alei. “We’re able to investigate what happened and who’s using it, whether that’s the CTO or an intern, and so on. Getting that information in a timely manner can definitely help us reduce that blast radius as much as we can.”

Self-service SaaS access requests

gridX employees can now keep their own pace of work by consulting the organization’s app directory in their Nudge Security dashboard, which lists the company’s approved and acceptable apps as well as those under review. This helps new employees get up to speed more quickly, while letting existing employees answer their own questions immediately.

Beyond access requests for approved applications, Alei has seen employees reduce their use of personal and non-essential accounts at work since implementing Nudge Security. “After introducing Nudge Security’s app directory and giving more context on what apps are approved and what are not, users already started adjusting their access and deleting unnecessary accounts.”

“It all starts with just switching on the lights, so to speak. Where are you exactly? Nudge Security is definitely one of the tools that helped us do that.”
Alei Salem
Team Lead Security, gridX

Streamlined access reviews and vendor assessments

With compliance certifications like ISO 27001 and SOC 2 looming, Alei and his team can now ditch the spreadsheet of user access and permissions in favor of a real-time source of truth. Because Nudge Security discovers and categorizes cloud and SaaS assets in scope of SOC 2 and orchestrates access reviews across SaaS owners, preparing for a SOC 2 compliance audit is as simple as running a purpose-built SOC 2 access review playbook.

Meanwhile, when Alei is notified of new applications introduced, he can quickly conduct just-in-time vendor assessments, with details like data locality, legal jurisdiction, certifications, breach history, and more available right in his Nudge Security dashboard.

Employee offboarding for managed and unmanaged SaaS accounts

Offboarding departing employees isn’t a task anyone looks forward to, especially when each employee manages their own mysterious constellation of apps, accounts, workspaces, and OAuth grants. Hunting it all down can feel like the world’s worst scavenger hunt. Now, when employees depart or change roles at gridX, the IT team can make the process efficient and complete with Nudge Security’s employee offboarding playbook.

Again, the massive spreadsheet has been replaced by a real-time source of truth, and the gridX team can offboard employees with ease—and confidence that nothing has been overlooked.

As Alei explains, “Nudge Security’s automated offboarding playbook is pretty important and interesting for our IT team. Now we can make sure we offboard employees thoroughly without taking time away from other priorities.”



About the customer

As Europe’s leading smart energy company, gridX provides an advanced platform that monitors and controls distributed energy resources, allowing its partners to rapidly build and scale smart energy management solutions.
Based in Aachen and Munich, Germany
Founded in 2016
190+ employees