Case Study: Paddle creates a force multiplier for AppSec with Apiiro

How Paddle created a force multiplier for AppSec with Apiiro

Paddle, a payments infrastructure provider with 300+ employees and 80+ developers, needed a better way to scale application security as its small AppSec team built out the program. Vulnerabilities from existing tools were arriving too late in the SDLC, slowing releases and creating friction with engineering, while the team also lacked clear visibility into code ownership. To address this, Paddle turned to Apiiro and its Deep ASPM platform.

With Apiiro, Paddle gained a complete inventory across nearly 500 repositories, aggregated risk visibility from existing tools, and policy-as-code guardrails embedded into pull requests. Apiiro also expanded Paddle’s coverage with native open source and software supply chain security, helping block high-risk changes and giving developers actionable context. The impact was significant: Apiiro now monitors 100+ pull requests per week and saves Paddle’s security team about 2 days of work each week, while improving collaboration and giving leaders better visibility into engineering risk and productivity.

Paddle

Colin Barr

Senior Engineering Manager – Application Security