Case Study: Doctolib achieves continuous, scalable SaaS security and a Zero Trust posture with CrowdStrike Falcon Shield

How the European eHealth Leader Implemented an Agile and Robust SaaS Security Program at Scale

Doctolib is a leading European eHealth provider serving about 90 million people and 430,000 healthcare practitioners with over 3,000 employees across several countries. Despite a mature security organization, the Corporate Security team relied on manual SaaS audits that produced only snapshots of risk. As Doctolib’s app footprint grew, unmanaged onboarding, shadow apps and insufficient visibility into configurations, user access and third‑party integrations made compliance and scalable security management increasingly untenable.

After an RFP and proof-of-concept, Doctolib adopted Adaptive Shield (now CrowdStrike Falcon Shield) to gain continuous API-driven visibility and device context via CrowdStrike integration. The platform helped onboard stakeholders, surface and remediate misconfigurations, and enforce Zero Trust controls; Doctolib built 40+ custom checks, improved deprovisioning, and gained granular Permissions and Data Inventories to reduce over‑entitlement and public data exposure. Today the company monitors many integrations, holds quarterly reviews with app owners, and is extending detection/response and homegrown app coverage.

Doctolib

François-Xavier Le Quéré

Corporate IT Senior Security Engineer