eCommerce Innovator Syte.ai Gains Control Over Its Cyber Risks

Syte Offers the World’s First Product Discovery Platform for Retail

Founded in 2015 as an image search company, today Syte uses visual AI to power product discovery solutions for retailers. This enables online shoppers to search for and discover products visually, the way they do in real life. The company’s solutions include image search, personalized product recommendations, product tagging, and advanced text search. By leveraging unique visual data, Syte makes it easy, fun, and intuitive for shoppers to find and buy what they’re looking for, improving customer experience and driving revenue for brands and retailers.

Syte offers the first-ever Product Discovery Platform, providing visual AI-powered personalization, “searchandising,” and even in-store solutions like smart mirrors that bring together the online and offline worlds. Syte powers product discovery experiences for more than 100 of the world’s leading brands. With $71 million in funding, 150 employees, and tens of millions of dollars in annual revenue, Syte is redefining the way people find and buy products online.

“Syte is an AI company, so smart AI in a security tool is important to us. Orca uses AI to connect vulnerabilities to lateral movement, to crown jewel assets, to the potential of exploits. This eliminates false positives and prioritizes threats for us.”
Barak Blima

CISO

Risks Are Inherent for a Startup with a Large Cloud Environment

Barak Blima joined Syte as the company’s first CISO. In this role, he built the security governance program, manages the day-to-day cyber risk landscape, and advises the executive management about business continuity. He has his work cut out for him. “Like any startup company, Syte must operate very fast to make sure our products and services get to market on time,” says Blima. “We started with a high appetite for risk as a trade-off for operating very quickly. The risks from cyber threats are very tangible, which means we have to mitigate different types of risk caused by a dynamic and changing environment.”

Syte’s cloud estate is quite extensive. The main environment is AWS, with some Azure accounts for specific clients. The total environment at this writing includes about 860 containers, 180 to 185 virtual machines, 3,600 Kubernetes orchestrations, and about 280 compute services with 40 serverless. The main security challenge when Blima assumed his position was a total lack of visibility of what was going on in the cloud.

“I had zero visibility of my cloud environment,” says Blima. “If you want to respond to risk or incidents, you must have clear visibility of your internal as well as external cloud environment, and you must know which assets are considered to be crown jewels and what means you have to protect them. Today the Orca Platform is mapping our cloud assets, and together with the development team, we mark our crown jewel assets. The visibility we get from the Orca Platform gives us more flexibility and the ability for high quality decision making. Those are the issues we had before.”

Orca Security Checks All the Boxes for 360-Degree Security

Blima conducted four Proof-of-Concept (PoC) projects with various cloud security companies. He was just about to close a deal with one of the vendors when he received an email from a systems integrator representing Orca. He decided to give this tool a look and he’s glad he did. “Looking back, it was one of the best decisions to take the time to give Orca a test.” He set up a PoC to see how well Orca could meet Syte’s needs.

Blima had a list of specific criteria he wanted from a security platform. He was looking for a 360-degree cloud security solution that includes vulnerability scanning, compliance, identity management, misconfigurations, neglected assets, encryption, data at risk, and smart AI. “When I’m talking about cloud security, those are the main factors I would like to examine,” he says. In addition, he wanted an agentless solution for more flexible growth and decision making, quick and friendly integration into his environment, and 24×7 support. He found all those attributes in the Orca Cloud Security Platform.

Blima also credits Orca for having a pricing model that is flexible and adapts to Syte’s status as a startup. “Orca gave us a good offer compared to competitors, and although this wasn’t the only factor in our decision, we appreciate the simple cost structure,” he says.

The Real Value Is in Reducing Risk

Orca’s continuous innovation is an important consideration for Blima. “I think the Orca roadmap is amazing,” he says. “Just recently they released five new capabilities that are very helpful to us—an API Security dashboard, CI/CD security, a new query engine, Patch Management, and Cloud Detection and Response. This shows the company spends time and effort on new features and continuous improvement to make sure CISOs, Infosec teams, Dev teams, and management will have full visibility of their cloud security posture.”

Before implementing Orca, Syte’s security team had no visibility over its cloud environment. Now they have 100% visibility. “Every single capability in Orca gives me the visibility for decision making,” says Blima. “I receive everything I need to mitigate different types of risk through the management dashboard. I can monitor my security score daily and also check the continuous improvement of the Dev team and the response to the Jira tickets from my Orca platform.”

“Every set of capabilities within Orca is crucial and gives the team more visibility for decision making in terms of mitigating different types of vulnerabilities or risk.”
Barak Blima

CISO

Orca has helped the security team discover a few very critical deficiencies. Blima says they found unencrypted databases as well as neglected assets that were no longer used but open to the world. They found active user identities in the system for people who had left the company long ago, in addition to weak authentication procedures, misconfigurations, and missing patches. They saw lateral movement in the platform, indicating the potential for risk when an intruder can jump from one asset to another to get to the crown jewels. They also caught data at risk, a publicly available Kubernetes server, and compliance issues with SOC II and GDPR regulations.

“We were able to mitigate these issues, some of which were an elevated risk because they would really impact the organization if the vulnerability was exploited,” says Blima. “We fixed all those issues in a very short time. In my point of view, this is the real value of this platform.”