Customer Snapshot
| Attribute | Details |
|---|---|
| Industry | Fast-Growing SaaS Platform Company |
| Cloud Environment | AWS (primary), GCP (supporting workloads), Multi-region |
| Infrastructure | ~400 EC2 instances, Kubernetes (EKS — self-managed & managed) |
| Code & CI/CD | Bitbucket (SCM), Jenkins (CI), JIRA (ticketing) |
| Compliance | SOC 2, GDPR, HIPAA, TRAI, DPDP |
| Team Profile | Small DevOps team — 2 engineers with gated cloud access |
| Existing Tools | Sprinto + AWS native security tooling |
| Cloudanix Scope | CSPM, CWPP (EKS), Code Security |
The Situation: Small Team, Large Surface
When you are a fast-growing SaaS platform company serving customers across multiple industries, your cloud environment does not stay simple for long. This company had built a substantial infrastructure footprint of around 400 EC2 instances running across multiple AWS regions, Kubernetes clusters on EKS handling production workloads, code flowing through Bitbucket and Jenkins, and GCP supporting additional services. Their infrastructure was designed to scale automatically as new products were spun up, and it did exactly that.
The security reality, however, had not kept pace. A small DevOps team of two engineers, each with gated access to the cloud environment, was responsible for maintaining security posture across this entire surface. They were using Sprinto for compliance workflow management alongside AWS-native tooling, but those two tools, while useful individually, left significant gaps in visibility. Cloud posture, workload-level security for their EKS clusters, and code-level risk were all either partially covered or covered by separate, disconnected workflows.
What made this particularly high-stakes was their compliance profile. The company was operating under SOC 2, GDPR, and HIPAA simultaneously. And critically, they also had to meet TRAI and DPDP requirements given the industries in which their customers operated. When a SaaS platform serves customers from regulated sectors, the compliance obligations of those customers can flow upstream. Security could not be a best-effort exercise; it had to be demonstrable, auditable, and continuous.
The Core Tension
A two-person DevOps team responsible for the security of 400+ EC2 instances, self-managed and managed EKS clusters, multi-region AWS infrastructure, and code pipelines across five compliance frameworks. The challenge was not awareness of risk. It was coverage with the team they had.
Where the Gaps Were
Cloud Posture: Native Tools Only Go So Far
AWS-native security tools (GuardDuty, Security Hub, and related services) provide a solid foundation when you operate entirely within AWS, but they are built for a single-cloud view. For a company already running GCP alongside AWS and planning to expand further, the native toolset creates a visibility ceiling: findings from each cloud live in separate consoles with no shared context between them, and producing unified compliance evidence across both environments means aggregating it by hand.
Beyond multi-cloud parity, native tools do not cover everything that matters for a team under SOC 2, HIPAA, and DPDP simultaneously. Compliance evidence generation, remediation guidance, and cross-service correlation require additional work that consumes time a two-person team simply does not have in abundance.
Kubernetes Security: The EKS Layer Was an Open Question
The company’s EKS clusters are a mix of self-managed and managed node configurations, representing one of the highest-risk surfaces in their environment. Kubernetes misconfigurations are notoriously easy to introduce and difficult to detect without dedicated tooling: containers running as root, missing network policies, overly permissive RBAC bindings, and workloads with access to the host file system are all common findings in environments where EKS security was not addressed as a dedicated layer from the start.
A key operational question the team raised during the evaluation was agent deployment: does security tooling need to be installed separately on each node, and does it handle automatic scaling — the core feature of their infrastructure model? For a team managing infrastructure that spins up automatically, a security agent that requires manual installation on every new node is not a viable option.
The Kubernetes Question: For EKS environments with auto-scaling infrastructure, the security agent must install automatically on every node the team operates, across both self-managed and managed node groups, without manual intervention each time new capacity is added. (On EKS the control plane itself is run by AWS and is not a place customer agents can be deployed; on self-managed clusters where the team runs its own control plane, master nodes need the same coverage as workers.) Cloudanix's agent handles this in both node-group configurations.
Code Security: The Pipeline Was Untouched
The company’s code lived in Bitbucket and moved through Jenkins before reaching production. There was no security scanning integrated into that pipeline: no static analysis, no secrets detection, no dependency vulnerability checking at the point of commit or pull request. Issues that originated in code were only discoverable after they had already reached the cloud environment, at which point remediation was significantly more expensive in both time and risk.
For a SaaS company deploying frequently across multiple products, this gap between code and cloud meant that the security team was always working reactively, finding issues in running infrastructure rather than catching them before they shipped.
The Cloudanix Solution
Unified Cloud Posture Across AWS and GCP
Cloudanix connected to both the company's AWS and GCP environments through a standard read-only integration: no agents required at the cloud posture layer, no changes to existing infrastructure. The connection model uses continuous event monitoring rather than periodic polling, meaning CloudTrail events and GCP audit logs flow into Cloudanix as the cloud providers deliver them (for CloudTrail management events, typically within minutes of the API call), not in scheduled batches. For a team that needed to move quickly when something changed, the difference between near-real-time and delayed visibility is the difference between catching an issue early and investigating an incident.
Across both cloud environments, Cloudanix surfaced misconfiguration findings, IAM risk, and compliance posture against the frameworks the team was operating under (SOC 2, HIPAA, GDPR, and DPDP) in a single dashboard. Compliance evidence that previously required manual extraction from multiple sources became available in one place, mapped to the specific controls each framework requires.
One practical clarification the team asked about: Is the AWS integration event-driven or polling-based? Cloudanix uses a continuous, event-driven integration with AWS APIs, capturing changes as they happen rather than running scheduled scans. This means the security dashboard reflects the current state of the environment, not a snapshot from the last scan window.
EKS and Workload Protection: Built for Auto-Scaling
For the company's EKS clusters, Cloudanix deployed a lightweight agent across all of the nodes the team operates: both self-managed and managed node groups. (Control-plane nodes on EKS are run by AWS and are outside the customer's reach; on self-managed clusters the same agent covers master nodes as well.) Critically, the agent is designed to scale with the cluster: when new nodes are added as the infrastructure auto-scales, the agent deploys automatically without manual intervention from the DevOps team. This was a non-negotiable requirement for a company whose infrastructure model is built around automated provisioning.
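The usual way a per-node agent follows auto-scaling is a Kubernetes DaemonSet, and the usual way coverage silently breaks is a new node group whose taints the DaemonSet does not tolerate. The following added example (not Cloudanix code; it says nothing about how their agent is packaged) models the two scheduling decisions that determine whether a DaemonSet pod lands on a node, nodeSelector labels and taint/toleration matching, and reports which nodes an agent DaemonSet would miss. The node groups, taints and the two DaemonSet specs are constructed; the default tolerations are the ones the Kubernetes DaemonSet controller adds to every DaemonSet pod.

```python
"""Which nodes would an agent DaemonSet actually cover? (added example, not vendor code)"""

BLOCKING_EFFECTS = {"NoSchedule", "NoExecute"}   # PreferNoSchedule never blocks placement

# Tolerations the DaemonSet controller adds automatically (Kubernetes docs, taints and tolerations).
DEFAULT_DS_TOLERATIONS = [
    {"key": "node.kubernetes.io/not-ready", "operator": "Exists", "effect": "NoExecute"},
    {"key": "node.kubernetes.io/unreachable", "operator": "Exists", "effect": "NoExecute"},
    {"key": "node.kubernetes.io/disk-pressure", "operator": "Exists", "effect": "NoSchedule"},
    {"key": "node.kubernetes.io/memory-pressure", "operator": "Exists", "effect": "NoSchedule"},
    {"key": "node.kubernetes.io/pid-pressure", "operator": "Exists", "effect": "NoSchedule"},
    {"key": "node.kubernetes.io/unschedulable", "operator": "Exists", "effect": "NoSchedule"},
]


def toleration_matches(tol, taint):
    """Kubernetes matching rules: key (empty key + Exists matches all), effect (empty matches all), value."""
    op = tol.get("operator", "Equal")
    key = tol.get("key", "")
    if key == "" and op != "Exists":
        return False                       # an empty key is only meaningful with Exists
    if key and key != taint["key"]:
        return False
    if tol.get("effect") and tol["effect"] != taint["effect"]:
        return False
    if op == "Exists":
        return True
    return tol.get("value", "") == taint.get("value", "")


def untolerated_taints(pod_spec, node):
    tolerations = DEFAULT_DS_TOLERATIONS + pod_spec.get("tolerations", [])
    return [t for t in node.get("taints", [])
            if t["effect"] in BLOCKING_EFFECTS
            and not any(toleration_matches(tol, t) for tol in tolerations)]


def selector_mismatches(pod_spec, node):
    labels = node.get("labels", {})
    return {k: v for k, v in pod_spec.get("nodeSelector", {}).items() if labels.get(k) != v}


def coverage_report(daemonset, nodes):
    """Map node name -> list of reasons the DaemonSet pod would not be placed there (empty = covered)."""
    pod_spec = daemonset["spec"]["template"]["spec"]
    report = {}
    for node in nodes:
        reasons = []
        mism = selector_mismatches(pod_spec, node)
        if mism:
            reasons.append(f"nodeSelector mismatch: {mism}")
        for t in untolerated_taints(pod_spec, node):
            reasons.append(f"untolerated taint {t['key']}={t.get('value', '')}:{t['effect']}")
        report[node["name"]] = reasons
    return report


def uncovered_nodes(daemonset, nodes):
    return [name for name, reasons in coverage_report(daemonset, nodes).items() if reasons]


def agent_daemonset(tolerations):
    """Build a minimal agent DaemonSet spec with the given tolerations (constructed for the example)."""
    return {"kind": "DaemonSet", "metadata": {"name": "security-agent", "namespace": "security"},
            "spec": {"template": {"spec": {
                "nodeSelector": {"kubernetes.io/os": "linux"},
                "tolerations": tolerations,
                "containers": [{"name": "agent", "image": "example.invalid/agent:1.0"}]}}}}


# Narrow: only tolerates a control-plane taint, as many copied-from-the-docs manifests do.
NARROW_AGENT = agent_daemonset([
    {"key": "node-role.kubernetes.io/control-plane", "operator": "Exists", "effect": "NoSchedule"}])
# Broad: empty key + Exists tolerates every taint, so new tainted node groups are covered automatically.
BROAD_AGENT = agent_daemonset([{"operator": "Exists"}])

# Constructed node inventory: a managed group, a cordoned node, and tainted self-managed groups.
LINUX = {"kubernetes.io/os": "linux"}
NODES = [
    {"name": "general-1", "labels": LINUX, "taints": []},
    {"name": "general-2", "labels": LINUX,
     "taints": [{"key": "node.kubernetes.io/unschedulable", "effect": "NoSchedule"}]},
    {"name": "gpu-1", "labels": LINUX,
     "taints": [{"key": "nvidia.com/gpu", "value": "present", "effect": "NoSchedule"}]},
    {"name": "ingest-1", "labels": LINUX,
     "taints": [{"key": "workload", "value": "ingest", "effect": "NoExecute"}]},
    {"name": "spot-1", "labels": LINUX,
     "taints": [{"key": "lifecycle", "value": "spot", "effect": "PreferNoSchedule"}]},
]

if __name__ == "__main__":
    for ds in (NARROW_AGENT, BROAD_AGENT):
        print(ds["spec"]["template"]["spec"]["tolerations"], "->", uncovered_nodes(ds, NODES))
```

The narrow manifest covers the managed group (and the cordoned node, thanks to the controller's default toleration) but misses the GPU and ingest groups; the broad one covers everything. Whatever agent you run, this is the check worth automating against `kubectl get nodes -o json`: compare the DaemonSet's `status.desiredNumberScheduled` with the node count, and investigate any gap before assuming the auto-scaled nodes are protected.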
At the workload level, Cloudanix’s CWPP capability provided visibility into container security posture by identifying privileged containers, host path mounts, missing security contexts, and RBAC misconfigurations across the cluster. For a team running self-managed EKS alongside managed node groups, having a single security layer that handled both configurations without separate tooling or separate workflows simplified an otherwise complex operational challenge significantly.
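The findings listed here and in the "Kubernetes Security" section above (containers running as root, privileged containers, host path mounts, host namespaces, missing security contexts, over-broad RBAC) are all visible in the manifest before anything is deployed. The following added example (not Cloudanix code, and not its rule set) is a manifest-level auditor for exactly that list, run over constructed sample objects in the ordinary Kubernetes API shape: one deliberately bad Deployment, one hardened Deployment, a wildcard ClusterRole and a cluster-admin ClusterRoleBinding. Rule names and severities are the example's own.

```python
"""Audit Kubernetes objects for the workload and RBAC misconfigurations the case study lists
(added example, not vendor code)."""

DANGEROUS_CAPS = {"ALL", "SYS_ADMIN", "NET_ADMIN", "SYS_PTRACE", "SYS_MODULE"}
BROAD_GROUPS = {"system:authenticated", "system:unauthenticated", "system:serviceaccounts"}
WORKLOAD_KINDS = {"Deployment", "DaemonSet", "StatefulSet", "Job", "ReplicaSet"}


def pod_spec_of(obj):
    """Locate the PodSpec for Pod, CronJob and template-based workload kinds; None otherwise."""
    kind, spec = obj.get("kind"), obj.get("spec", {})
    if kind == "Pod":
        return spec
    if kind == "CronJob":
        return spec["jobTemplate"]["spec"]["template"]["spec"]
    if kind in WORKLOAD_KINDS:
        return spec["template"]["spec"]
    return None


def audit_workload(obj):
    """Findings as (severity, rule, target, detail) tuples for one workload object."""
    name = f"{obj['kind']}/{obj['metadata']['name']}"
    spec = pod_spec_of(obj)
    f = []
    if spec is None:
        return f
    for ns in ("hostPID", "hostNetwork", "hostIPC"):
        if spec.get(ns):
            f.append(("high", f"{ns}-enabled", name, "pod shares a host namespace"))
    for vol in spec.get("volumes", []):
        if "hostPath" in vol:
            f.append(("high", "hostpath-mount", name, f"volume {vol['name']} -> {vol['hostPath'].get('path')}"))
    pod_sc = spec.get("securityContext", {})
    for c in spec.get("containers", []) + spec.get("initContainers", []):
        sc = c.get("securityContext", {})
        tgt = f"{name}:{c['name']}"
        if sc.get("privileged"):
            f.append(("critical", "privileged-container", tgt, "securityContext.privileged=true"))
        # runAsNonRoot / runAsUser may be set at pod level and inherited by containers.
        non_root = sc.get("runAsNonRoot", pod_sc.get("runAsNonRoot"))
        uid = sc.get("runAsUser", pod_sc.get("runAsUser"))
        if non_root is not True and (uid is None or uid == 0):
            f.append(("medium", "may-run-as-root", tgt, "set runAsNonRoot: true or a non-zero runAsUser"))
        if sc.get("allowPrivilegeEscalation") is not False:
            f.append(("medium", "privilege-escalation-allowed", tgt, "set allowPrivilegeEscalation: false"))
        added = set((sc.get("capabilities") or {}).get("add", [])) & DANGEROUS_CAPS
        if added:
            f.append(("high", "dangerous-capabilities", tgt, ",".join(sorted(added))))
        if not sc.get("readOnlyRootFilesystem"):
            f.append(("low", "writable-root-fs", tgt, "set readOnlyRootFilesystem: true"))
    return f


def audit_rbac(obj):
    """Wildcard rules and cluster-admin / broad-group bindings."""
    f = []
    kind = obj.get("kind")
    name = f"{kind}/{obj['metadata']['name']}"
    if kind in {"ClusterRole", "Role"}:
        for rule in obj.get("rules", []):
            if "*" in rule.get("verbs", []) and "*" in rule.get("resources", []):
                f.append(("high", "wildcard-rule", name, "verbs=* on resources=*"))
    if kind in {"ClusterRoleBinding", "RoleBinding"}:
        role = obj.get("roleRef", {}).get("name")
        for s in obj.get("subjects", []):
            if role == "cluster-admin":
                f.append(("critical", "cluster-admin-binding", name, f"{s.get('kind')} {s.get('name')}"))
            elif s.get("kind") == "Group" and s.get("name") in BROAD_GROUPS:
                f.append(("high", "broad-group-binding", name, f"{s['name']} -> {role}"))
    return f


def audit(objects):
    findings = []
    for obj in objects:
        findings += audit_workload(obj) + audit_rbac(obj)
    return findings


# Constructed sample objects for the example.
BAD = {"kind": "Deployment", "metadata": {"name": "log-shipper"}, "spec": {"template": {"spec": {
    "hostPID": True,
    "volumes": [{"name": "rootfs", "hostPath": {"path": "/"}}],
    "containers": [{"name": "shipper", "image": "example.invalid/shipper:1.0",
                    "securityContext": {"privileged": True, "capabilities": {"add": ["SYS_ADMIN"]}},
                    "volumeMounts": [{"name": "rootfs", "mountPath": "/host"}]}]}}}}
HARDENED = {"kind": "Deployment", "metadata": {"name": "api"}, "spec": {"template": {"spec": {
    "securityContext": {"runAsNonRoot": True, "runAsUser": 10001},
    "containers": [{"name": "api", "image": "example.invalid/api:2.3",
                    "securityContext": {"allowPrivilegeEscalation": False, "readOnlyRootFilesystem": True,
                                        "capabilities": {"drop": ["ALL"]}}}]}}}}
WILDCARD_ROLE = {"kind": "ClusterRole", "metadata": {"name": "everything"},
                 "rules": [{"apiGroups": ["*"], "resources": ["*"], "verbs": ["*"]}]}
ADMIN_BINDING = {"kind": "ClusterRoleBinding", "metadata": {"name": "everyone-admin"},
                 "roleRef": {"kind": "ClusterRole", "name": "cluster-admin"},
                 "subjects": [{"kind": "Group", "name": "system:authenticated"}]}
SAMPLE_OBJECTS = [BAD, HARDENED, WILDCARD_ROLE, ADMIN_BINDING]

if __name__ == "__main__":
    for sev, rule, target, detail in audit(SAMPLE_OBJECTS):
        print(f"[{sev}] {rule} {target}: {detail}")
```

Run at pull-request time against rendered manifests (or cluster-side against `kubectl get ... -o json`), the same checks serve both the "shift-left" and the "running cluster" views the page describes; the hardened Deployment produces no findings, which is the target state for anything not explicitly exempted.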
Code Security Integrated into the Pipeline
Cloudanix integrated with the company’s Bitbucket repositories to bring security scanning into the development workflow. Static analysis, secrets detection, and dependency vulnerability checks run as part of the code pipeline; findings surface as pull request annotations before code merges, giving developers the context they need to fix issues at the point where they are cheapest to resolve.
For a Jenkins-based CI pipeline, this meant security checks were added without replacing or disrupting the existing build process. The team did not need to introduce a new pipeline tool: Cloudanix extended the existing one. Given that the team was already managing a wide operational surface with limited headcount, integrations that fit into existing workflows rather than requiring new ones were the only realistic path forward.
Platform Impact: By the Numbers
| Metric | Detail |
|---|---|
| 30 min | Agentless onboarding to first findings |
| AWS + GCP | Unified under one dashboard |
| 5 frameworks | SOC 2, HIPAA, GDPR, TRAI, DPDP |
| Auto | Agent scales with EKS node provisioning |
The Bigger Picture: Security at the Speed of Scale
This company's situation is not unusual. It is, in fact, one of the most common profiles in fast-growing SaaS: a lean DevOps team, a cloud environment that has grown faster than the security tooling around it, and a compliance obligation that is real and imminent rather than theoretical.
The instinct in this situation is often to add tools: one for cloud posture, one for Kubernetes, one for code, one for compliance. Each solves its slice of the problem. But each also adds its own dashboard, its own alert stream, and its own integration to maintain. For a two-person team, that accumulation of point tools quickly becomes a burden that consumes more time than it saves.
The more durable solution is to reduce the number of systems the team has to operate, not increase it. When cloud posture, workload protection, and code security share the same asset graph and the same findings interface, the team works from a single picture of their environment rather than from three separate ones that each tell part of the story. Compliance evidence comes from one place. Remediation guidance is specific and actionable. And when something changes in the environment (a new IAM role, a new container deployment, a secret leaked in a pull request), the signal surfaces in context, not as an isolated finding in a disconnected tool.
For companies operating under multiple compliance frameworks simultaneously, this consolidation is not just an operational convenience. It is the only model that scales with a small team over time, as the environment grows and the compliance obligations become more demanding, never less.
The Outcome
The company gained unified visibility across their AWS and GCP environments, their EKS workloads, and their Bitbucket code pipeline; all through a single Cloudanix dashboard. Their two-person DevOps team moved from managing fragmented, manually aggregated security signals to operating from a single, continuously updated view of their entire security surface.
Compliance reporting for SOC 2, HIPAA, GDPR, TRAI, and DPDP was previously a manual, multi-source exercise; it became available from one platform, with audit-ready evidence generated without additional aggregation work. And their EKS security, previously an open question, was addressed with an agent model that matched how their infrastructure actually worked: auto-scaling, multi-configuration, and fully automated.
Key Results
✅ 30-Minute Onboarding: Agentless connection to AWS and GCP with immediate findings
✅ Unified Multi-Cloud Dashboard: AWS and GCP posture visible in one place
✅ 5-Framework Compliance: SOC 2, HIPAA, GDPR, TRAI, and DPDP from a single platform
✅ Auto-Scaling EKS Security: Agent deploys automatically with new node provisioning
✅ Shift-Left Code Security: PR-level scanning integrated into Bitbucket and Jenkins
✅ 2-Person Team Coverage: Full-surface security without additional headcount
Running a Lean DevOps Team Across a Growing Cloud Environment?
Cloudanix connects to your AWS, GCP, or Azure environment in 30 minutes — agentless, read-only, and with no disruption to your existing infrastructure. You will see your cloud posture, workload risk, and code vulnerabilities in one dashboard, with compliance evidence mapped to your frameworks from day one.
Book a Free Assessment to see what your environment looks like through Cloudanix.