AngelOne discovered and tested 800+ API Endpoints with Levo

INDUSTRY

Financial Services

REGION

India
Hemanth Kumar Mangalore
Hemanth Kumar Mangalore
SVP Engineering AngelOne
arrow mark
Download PDF
Investment Platform overcomes API Sprawl to ensure transaction safety for its 20 million active customers

Executive Excerpt: 

“Before partnering with Levo, we had limited visibility into our APIs. However, their team has assisted us over the past year with API discovery and documentation and testing, maintaining data privacy, and regulatory compliance. This has led to a reduced attack surface and a significant increase in our developers' bandwidth. They have adeptly released custom features at high speed to meet our requirements. I would recommend them to any Engineering and Security Leader seeking a long-term, effective solution to API-induced data breaches.”

At a glance: 

AngelOne (formerly known as Angel Broking) is a leading retail broking house providing financial services for the last 25 years. Their commitment to providing the best customer experience through emerging technologies like APIs has positioned them at the forefront of the financial services industry but has also exposed them to potential security risks.

Levo was implemented across all their SDLC environments to safeguard their digital ecosystem from such threats. By identifying, documenting, and testing APIs across all environments, AngelOne has maintained its position as one of India’s most trusted investment platforms.

The Challenge: 

  1. Limited visibility into the API ecosystem 
  2. Confusion among developers due to the lack of a centralized inventory & changelog
  3. Uncertainty about which APIs transmit sensitive information
  4. Inability to scale manual testing efforts to cover all APIs
  5. Vulnerabilities leaking into production

The Achievements:

  1. Discovery and testing of over 800 API endpoints across staging and production environments using eBPF
  2. Automatic and detailed documentation of all API endpoints
  3. Constant visibility through an up-to-date API inventory portal used by their 400+ engineers
  4. Protection of sensitive data by fixing the lack of authentication mechanisms found in 15% of endpoints sharing sensitive data 

Want to know how AngelOne overcame these hurdles with Levo? Go through the attached PDF now!

Linkedin IconTwitter IconFacebook icon
AICPA logoGDPR logoISO logoLevo image
ProductUse CasesPricingEventsCompanyContact Us
ResourcesEventsDocsFAQs
Privacy PolicyTerms and ConditionsCookie PolicySecurity Information
Copyright © Levo