Posted by Miryam Brand
May 11, 2022
Founded in 2015, Stash is a fast-growing banking and investment platform that allows its customers to invest and build wealth. Its founders, Brandon Krieg and Ed Robinson, former Wall Street veterans, wanted to make investing easy and affordable for everyone. Today, Stash has over 400 employees, helping over 6 million people create a more secure financial future for themselves.
Stash operates in the fast-paced Fintech industry. To maintain its competitive advantage, the company employs hundreds of developers and engineers to create innovative financial services. To help bring services to market faster, Stash has a cloud-first philosophy, with automated workload orchestration and CI pipelines.
Gavin Grisamore, CISO at Stash, is responsible for the company’s security. As a financial services company, Stash operates in a highly regulated industry and Grisamore must ensure they maintain compliance with many regulations, such as PCI-DSS. As Stash’s software developer and engineering teams grew, secrets within their Kubernetes environment grew exponentially. However, Secrets Management is not something developers want to worry about; they want to focus on creating impactful solutions to help Stash grow and stand out against the competition.
To reduce risk, and help with compliance efforts, Stash was looking to uplevel their Secrets Management solution, as well as their VPN remote access.
When their technology advisor brought Stash’s attention to Akeyless, Stash was immediately attracted to the fact that Akeyless is a unified SaaS platform and is multicloud. This matched the cloud-first mindset of this very dynamic Fintech company. By using a SaaS-based Secrets Management solution, Stash eliminated the operational overhead associated with deploying and managing Secrets Management infrastructure, high availability, disaster recovery, and backups. As the company’s CISO, Gavin Grisamore highly values the fact that Akeyless is a platform that supports Zero-Knowledge through its unique DFC technology. DFC makes it impossible for Akeyless, or other 3rd parties, to view Stash’s keys and the data they protect. In addition, Akeyless enables Stash to scale their engineering teams and make DevOps workflows more efficient by using Just-in-Time access scenarios.
Stash was also looking to replace its Open Source-based VPN solution to address human-to-machine access use cases. In Akeyless, they found a unified platform with comprehensive features, able to meet their needs for both Secrets Management and Privileged Access Management (PAM).
Check out the Customer Testimonial video where Gavin Grisamore explains why he recommends Akeyless for any organization that struggles with Secrets Management or PAM.
DevOps SecurityDevelopers on public GitHub leak over 5,000 API keys or credentials every day. Learn best practices to avoid credential breaches on GitHub.
What’s in a Secret? Best Practices for Static, Rotated and Dynamic SecretsSecrets are ranked as the leading cause of data breaches. Combat this by learning how to best use static, rotated, and dynamic secrets.
How Akeyless DFC™ Works—A Zero-Knowledge Approach to Key OwnershipAkeyless DFC™ allows you to retain full ownership of your data while operating in a SaaS model. Take a peek under the hood to see how DFC keeps your data secure.