How Segura protected DevSecOps for Latin America's largest marketplace

Scale of the challenge: security in cloud e-commerce

For a retail giant with $1.6 billion in annual revenue, development speed is critical. However, rapid infrastructure growth created serious security risks. The company operated thousands of permanent and ephemeral servers in AWS and GCP clouds, where critical vulnerabilities became commonplace.

Problems requiring immediate solution

• Hard-coded keys: Over 2,000 secrets were hard-coded, making secure rotation impossible.
• Lack of accountability: Shared use of secrets allowed attackers to act anonymously.
• Infrastructure ephemerality: More than 20,000 temporary servers created chaos in access control.
• Operational errors: Unauthorized changes led to downtime and data leaks.

Comparison of approaches: Traditional management vs Segura automation

Traditional approach (before implementation)

• Secrets: Stored in plain text within GitLab repositories.
• Audit: Practically impossible for shared accounts.
• Speed: Manual key rotation slows down the CI/CD pipeline.

Segura solution (after implementation)

• Secrets: Automatic discovery and dynamic rotation during deployment.
• Audit: Full session recording and auditing of every developer's actions.
• Speed: Seamless integration with Kubernetes and automatic identification of ephemeral servers.

Results of the transformation

The integration of Segura into DevSecOps processes allowed the company not only to close security gaps but also to optimize cloud costs. Over 40% of redundant AWS users were removed, significantly reducing the attack surface.

"Implementing Segura allowed us to accelerate DevSecOps initiatives while ensuring full transparency of actions in the cloud environment."