How Meesho Strengthened it’s GCP Security Posture with Snowbit by Coralogix

Meesho significantly scaled its digital operations—handling ~650,000 requests per second during festive sales and monitoring thousands of infrastructure assets. It became clear that traditional cloud-native tools could no longer keep up with their growing demands. The team needed a unified solution for observability and security monitoring. Existing tools lacked real-time alerting and an integrated system view, forcing reliance on multiple platforms and frequent context-switching. This fragmented approach increased workload, complicated data correlation, and slowed incident response times. To address these challenges, Meesho set out to find a solution that could close operational gaps, enhance visibility, and consolidate security operations into a single, centralized platform.

Already a satisfied Coralogix user, Meesho found Snowbit to be the natural choice for its managed security service provider. Snowbit provided the team with centralized visibility into Meesho’s GCP infrastructure while alleviating the day-to-day burden of manual monitoring through automated detection and analysis. Snowbit’s predefined detection rules, particularly for GCP, allowed the team to streamline Level 1 (L1) analysis, reducing noise from false positives and enabling a swift response to genuine threats.

Meesho’s onboarding process was smooth and efficient, supported by detailed documentation and dedicated assistance from Snowbit’s team. The Meesho team successfully onboarded essential services such as GCP’s native security service and audit logs with minimal friction. Snowbit support throughout the process made it easy for Meesho to set up real-time alerts and custom detection rules tailored to their specific use cases.

“Snowbit has brought immense flexibility and efficiency to our security operations. The platform’s extensive detection rules, custom alerting capabilities, and seamless integration with our GCP infrastructure have enhanced the way we handle cybersecurity. With Snowbit’s support, we’re able to focus on proactive security measures and complex initiatives, confident in our foundational security layer.”

— Rohan Sharma, Senior Security Engineer, Meesho

1. Improved Incident Detection and Reduced False Positives: Snowbit’s predefined detection rules and robust alerting have minimized noise, enabling Meesho’s security engineers to prioritize genuine threats, significantly reducing the time required for initial incident analysis and expediting time-to-repair.
2. Unified View and Real-Time Alerts: Snowbit provided Meesho’s security team with a consolidated view of all infrastructure logs and a seamless integration with Slack and Zendesk. Real-time alerts ensure that the team can respond and remediate quickly.
3. Compliance Enablement with CSPM: Meesho leveraged Snowbit’s CSPM tools for its ISO certification journey. The automated compliance assessments and continuous monitoring enabled Meesho to meet the rigorous requirements of ISO/IEC 27001:2022.
4. Cost Savings with TCO Optimizer: Coralogix’s Total Cost of Ownership (TCO) optimizer allowed Meesho to manage its log ingestion costs more efficiently than before. By archiving logs in cloud service provider’s storage and querying them only as needed using Archive Query, Meesho reduced observability expenses by 68%.
5. Custom Rules and Alerts Tailored for Meesho: , Snowbit’s extensive set of quick start extensions and predefined detection rules for GCP allowed Meesho to create custom rules and alerts specific to its environment, including alerts for unauthorized modifications to security controls and real-time detection of potential threats within their GCP environment.
6. Streamlined Focus on Security Initiatives: By reducing the noise from false positives and performing initial detection, Snowbit enabled Meesho’s engineers to focus on high-priority tasks, such as proactive incident response, scaling security for high-traffic events and infrastructure hardening.
   

The Snowbit team’s expertise and consistent availability have been invaluable to Meesho’s security operations. From a seamless onboarding process—marked by detailed documentation and hands-on support—to ongoing weekly sync-ups, the team has consistently ensured that Meesho’s needs are met, even fulfilling additional requests for log adjustments and custom detection rules. This close partnership has allowed Meesho to focus on critical security initiatives, confident that they have a proactive and highly responsive team backing them for any security challenge they face.