Securing a rapid cloud transformation.
As growth surged, Tipti needed security to be a catalyst for speed and innovation rather than a roadblock. Yet, operational complexity quickly outpaced the team’s ability to manually manage risk.
- Fragmented visibility left the team without a clear view of assets and vulnerabilities across its multicloud environment.
- Insecure code reached production as developers frequently made use of third-party libraries without vetting.
- Manual investigation and reactive reviews resulted in slow response times.
- Increasing complexity outpaced the team’s manual controls as new technology was introduced to support user growth.
- No ability to measure risk—or fix it—left the company susceptible to attacks.
“Before Cortex Cloud, we had no way to measure our risk; we were simply releasing software without control. Now we correct 100% of vulnerabilities before they ever hit production, ensuring our projects going forward have the best practices regarding security.”
— Mario Congo
CISO, Tipti
Powering innovation through visibility.
Tipti required a solution that integrated seamlessly with its AWS and Google Cloud environments without requiring a core architectural overhaul. The company selected Cortex Cloud because it adapted to Tipti’s existing stack, provided a complete view of its cloud-native ecosystem, and provided the controls to find and fix vulnerabilities before they could cause harm. “We chose Cortex for the ease of integration and for the visibility of our entire environment to be able to make decisions and solve problems immediately,” says Mario Congo, CISO at Tipti. With Cortex Cloud’s unified data integration, the team moved from fragmented guesswork and isolated findings to data-driven risk management through a single source of truth.
“Palo Alto Networks has helped us centralize our cloud security findings, allowing us to identify critical vulnerabilities faster, assign remediation actions more efficiently, and support our ISO 27001 evidence and risk management process.”
— Mario Congo
CISO, Tipti
-
Securing the application lifecycle
Tipti’s cloud security transformation focused on embedding security controls directly into the development pipeline. The team replaced time-consuming manual reviews with streamlined automation by integrating Cortex Cloud’s Application Security into their CI/CD workflows. By blocking insecure code before it reaches production, Tipti fundamentally improved real-time collaboration between the security and engineering teams.
-
A leap forward in visibility and control
Since upgrading to Cortex Cloud from Prisma® Cloud, Tipti has achieved greater visibility, faster vulnerability prioritization, and stronger DevSecOps governance. Congo reports that Cortex Cloud delivers a more organized, granular view of the company’s ecosystem, providing a clearer roadmap for how a single vulnerability could have a ripple effect on an entire project. These advancements unlock critical new use cases, allowing the team to scale automation, deploy advanced playbooks, and leverage enhanced dashboards to respond in real time and proactively manage risk.
By integrating Cortex Cloud into VS Code, Tipti was able to embed guardrails that prevent 100% of insecure code from reaching production directly into the development process. Congo explains, “The platform detects vulnerabilities in real time and issues remediation suggestions through artificial intelligence while the user is developing,” allowing engineers to write inherently secure code from the very first line.
-
Driving operational efficiency and continuous compliance
Cortex Cloud has transformed Tipti’s incident management, optimizing workflows with a seamless Jira integration that automatically assigns cases to the correct owners, slashing the Mean Time to Resolution (MTTR) to just three minutes—a 90% reduction. This has enabled staff to pivot from manual investigations toward high-impact initiatives like antifraud measures and global security research to stay ahead of threat actors.
“Cortex Cloud allows us to make strategic decisions and plan future security strategies rather than just reacting to isolated findings.”
— Mario Congo
CISO, Tipti
Leveraging insights from Cortex Cloud, Tipti created an immediate roadmap for global governance. By continuously monitoring the environment against industry standards, Tipti has achieved 95% compliance with the ISO 27001 framework, ensuring that as the company expands into new markets, its cloud environments remain compliant, rigorous, and resilient at scale.
A strategic ally for secure expansion.
The personalized support and deep knowledge transfer has led Congo to see Palo Alto Networks® not just as a vendor but as a strategic security ally essential to Tipti’s long-term expansion and resilience. The relationship is backed by an exceptional customer success experience that has truly differentiated Palo Alto Networks from other companies.
By fully embedding Cortex Cloud into the company’s workflow, security has shifted from a development blocker to a powerful innovation enabler. Moving forward, Tipti aims to incorporate advanced playbooks to further optimize its remediation lifecycle, ensuring that every transaction is protected and cementing its position as the region’s most reliable e-commerce platform.
“Cortex Cloud is not just a platform for detecting risks; it is a strategic capability that helps us understand, prioritize, and reduce cloud exposure across our environment.”
— Mario Congo
CISO, Tipti
share this story
