Case Study: Klaviyo detects and protects secrets in GitHub with Nightfall

Klaviyo detects and protects secrets and keys in GitHub with Nightfall

Klaviyo, a leading customer data and marketing automation platform, needed a better way to detect secrets leakage in its GitHub code repositories. Its Security Operations team had been using open-source tools to search for API keys and other credentials, but the tools were too slow for large repos, didn’t integrate well with GitHub’s API, and required too much manual effort to keep up.

Nightfall for GitHub gave Klaviyo an automated, high-accuracy secrets detection and remediation workflow. With Nightfall, the team could continuously monitor repositories, investigate historical alerts, receive Slack notifications, and quickly triage or resolve issues with support tickets to engineering teams. The result was faster detection at scale, reduced support and maintenance burden, lower resource and bandwidth costs, and stronger protection of customer trust.

Klaviyo

Shaun DeWitt

Director of Security