Securing the Wealthcare Journey: How Hugosave Scaled Cloud Security & JIT Access with Cloudanix
The Snapshot, TL;DR
- The Goal: Unify the security across AWS accounts while removing “permanent” access risks.
- The Solution: Deployed Cloudanix CSPM, CWPP, and IAM-JIT Cloud to protect EKS workloads and automate permissions.
- The ROI: Achieved a “frictionless” security posture with a localized Middle East tenant to meet strict regional data requirements.
About Hugosave
Hugosave is a leading fintech and digital companion empowering users across generations to spend, save, and invest sustainably. Through their “Wealthcare” journey, they provide an inclusive, easy-to-understand platform that requires the highest levels of cloud integrity and data protection.
The Challenge: Complexity at Scale
As Hugosave grew, so did the complexity of their infra, spanning multiple AWS accounts. With a tech team of 20, they faced three distinct challenges:
- Access Fatigue: Half the team consisted of front-end engineers who did not require permanent infrastructure access. Managing “long-standing” permissions manually was a significant security risk.
- Compliance Burden: It was taking a lot of resources to meet the high standards set by SOC2, ISO27001, and GDPR across multiple cloud environments and EKS workloads.
- Visibility Gaps: They needed to quickly identify vulnerabilities, such as open ports vulnerable to SSH attacks or the usage of unidentified resources.
The Technical Win
“Cloudanix gave us the visibility we were missing. Being able to move from permanent access to a robust Just-In-Time (JIT) workflow has fundamentally changed our security posture without slowing down our engineering velocity.”
— Pavan Kumar Lekkala, SRE Lead, HugoHub
The Solution: A Unified CNAPP with JIT Accuracy
Hugosave chose Cloudanix as their CNAPP (Cloud Native Application Protection Platform) because of its ability to scale alongside their business.
- JIT Cloud (Just-In-Time Access): This was the “standout” feature for Hugosave. Instead of permanent access, members of the team now receive access only when necessary, effectively eliminating the concept of “long-standing” credentials.
- CSPM & CWPP: Cloudanix provided immediate visibility into their EKS workloads and cloud accounts, allowing the team to instantly locate and remediate misconfigurations and vulnerable ports.
- Regional Excellence: To meet Hugosave’s specific operational requirements, Cloudanix onboarded them in a new tenant in the Middle East, ensuring compliance and performance were never compromised.
Check our solutions: JIT Cloud | CSPM | CWPP | CNAPP
The Fintech Trust & Compliance Perspective
“In the world of Fintech, trust is our currency. Cloudanix provided the frictionless visibility we needed to secure our EKS workloads across AWS, ensuring we stay audit-ready for SOC2 and GDPR without slowing down our engineering velocity.”
— Amol Naik, Head of Security & Infrastructure, HugoHub
The Results: Security Without Friction
By implementing Cloudanix, Hugosave scaled their security from a manual challenge into an automated advantage:
- Proactive Remediation: Quickly identified and closed vulnerabilities like open SSH ports before they could be exploited.
- Zero-Trust Access: Successfully implemented a JIT workflow that balanced developer velocity with infrastructure security.
- Sensible Scaling: Hugosave gained a cutting-edge security partner that offers “best-in-class support at a sensible price.”
The Partnership Perspective
“Beyond the technology, Cloudanix feels like an extension of our own team. Their willingness to stand up a dedicated Middle East tenant for us and provide exceptional support at a sensible price makes them a long-term partner for Hugosave.”
— Surya Tamada, CTO, HugoHub
Customer Brief
- Customer: Hugosave
- Industry: Fintech / Wealthcare
- Tech Stack: AWS, EKS
- SKUs Used: CNAPP (CSPM, CWPP, CIEM), Just-In-Time Access
- Compliance: SOC2, ISO27001, GDPR
- Impact: Frictionless JIT access & unified multi-cloud security
