Why env0
Solutions
Infrastructure as Code (IaC) Automation Teams and GovernanceManaged Self-Service env0 for the Enterprise
DocumentationPricing
Resources
Case StudiesIn the NewsVideosWebinars
Blog
Login
Get a Demo
FREE TRIALContact us
Case Study
Salt Security

Salt Security increases development velocity with env0

Salt Security Logo
Website
Download PDF

The Salt Security API Protection Platform provides API security across modern applications. The platform collects API traffic across the entire application landscape and applies AI/ML and big data to inventory all APIs, identify and stop attacks, and provide remediation insights to harden APIs.

The Salt Security platform identifies vulnerabilities in real time — in pre-production as well as production environments — and it integrates into app dev/build systems to ensure security from the moment APIs are created.

Changes in application frameworks, such as the adoption of Kubernetes, containers, and cloud native architectures, as well as innovation initiatives such as digital transformation, cloud migration, and app modernization, have all driven a huge increase in the volume of APIs and therefore the need for API security. As a result, the Salt Security team, backed by Sequoia Capital and CapitalG, began exploring new methods for development and ultimately the infrastructure that supported the testing of their applications.

The Salt Security Challenge

As with many cloud native solutions, the Salt Security team believes that software development speed is a competitive differentiator. DevOps is an essential component to their success, just as much as security. While attempting to make DevSecOps a reality, Salt Security began to experience challenges:

  • Lack of visibility of locally-sourced IaC deployments
  • Inability to efficiently provision resources
  • Testing environment control
  • Infrastructure cost management

The biggest technical challenge was the ability to dynamically create and maintain namespaces within Kubernetes. The team faced configuration management challenges due to the duplication and ultimately struggled with scheduling, maintaining, and keeping those testing environments up to date.

These challenges hindered application delivery, and the teams began to feel the strain at a personal level due to inefficiencies, bottlenecks, and unnecessary overhead. Timing of planned work began to affect developers when their environments would go down without knowledge because of duplication and configuration issues.

The env0 solution

With env0, Salt Security manages and deploys Terraform from a unified platform. They now divide the appdev work into projects and environments, as well as provision, manage, and view all resources from a single platform. Among the ability to support the necessary DevOps and CI/CD solutions, the Salt Security team specified the following areas of improvement:

Developer Self Service
‍
The env0 platform enabled developers to provision environments independently while adhering to organizational requirements and standard policies.

Pre-Process Capabilities
Salt Security reduced the number of configuration files and variables for most environments.

Finally, env0’s Role Based Access Controls (RBAC) quickly became a key differentiator for the Salt Security team. Their ability to restrict access to environments and projects, at a team, developer and cloud resource level was an extra benefit. Enforcing policies allows for shutting down specific environments during the weekend to save money.

Env0 allows me to enforce policies on specific environments without the need to constantly check and manually deactivate/activate them.

Gal Porat
Director of Devops, IT and Security

The Benefit to Salt Security

With env0, Salt Security further embraces the benefits of Cloud Native technologies and DevOps principles and practices while lowering cloud infrastructure costs and keeping information security top of mind. Developers self-service provision infrastructure when they need it, helping them stay on track with demanding timelines. Self-service saves the business money, and improves developer morale and effectiveness by eliminating bottlenecks and distractions that sap productivity.

About env0

env0 provides an automated, collaborative remote-run workflows management for cloud deployments on Terraform, Terragrunt and custom flows. env0 enables users and teams to jointly govern cloud deployments with self-service capabilities. env0 provides visibility into GitOps workflows of infrastructure changes. Leverage our granular RBAC permissions and limit access to IaC execution (e.g “terraform apply”), on production and other critical cloud resources. Implement any policy or check you desire with the freedom of an open standard Open Policy Agent guardrails. env0 can also help you prevent drifts with centralized remote-runs processes.

Learn more about env0

Ready to see env0 in action in your environment

Get a Demo
CNCF Member Badge
Company
About UsIn the NewsPress ReleasesCase StudiesAdditional ResourcesCareers
Developer and DevOps
APITerraform ProviderTerratag Open Source
Terraform Cloud AlternativeDIY AlternativeAtlantis Alternative
FREE TRIAL
Follow Us
Terms of ServicePrivacy PolicySecuritySystem Status
© Copyright env0 2023
This website uses cookies. We use cookies to ensure that we give you the best experience on our website. Learn More
PreferencesDenyAccept
Privacy Preference Center
When you visit websites, they may store or retrieve data in your browser. This storage is often necessary for the basic functionality of the website. The storage may be used for marketing, analytics, and personalization of the site, such as storing your preferences. Privacy is important to us, so you have the option of disabling certain types of storage that may not be necessary for the basic functioning of the website. Blocking categories may impact your experience on the website.
Reject all cookiesAllow all cookies
Manage Consent Preferences by Category
Essential
Always Active
These items are required to enable basic website functionality.
Marketing
These items are used to deliver advertising that is more relevant to you and your interests. They may also be used to limit the number of times you see an advertisement and measure the effectiveness of advertising campaigns. Advertising networks usually place them with the website operator’s permission.
Personalization
These items allow the website to remember choices you make (such as your user name, language, or the region you are in) and provide enhanced, more personal features. For example, a website may provide you with local weather reports or traffic news by storing data about your current location.
Analytics
These items help the website operator understand how its website performs, how visitors interact with the site, and whether there may be technical issues. This storage type usually doesn’t collect information that identifies a visitor.
Confirm my preferences and close