Industry: Financial services

SavvyMoney is an industry leader in financial wellness and growth solutions, providing services to over 1,500 banks, credit unions, and fintech institutions nationwide. Because SavvyMoney operates as a fourth-party processor on Amazon Web Services (AWS), the company’s security posture directly impacts clients’ regulatory compliance and customer trust. To address security-management challenges across dozens of AWS accounts,SavvyMoney worked alongside AWS Partner Plerion to implement an AI-powered solution. As a result, SavvyMoney accelerated security risk remediation and reduced issue research time, strengthening its security posture while better protecting its clients’ data.

Challenge

SavvyMoney’s rapid growth brought greater security complexity. With operations spanning 33 AWS accounts that are managed through infrastructure as code, the company’s five-person security team was facing increasing operational challenges. Security architects relied on multiple disconnected tools, often switching between solutions to identify issues in code bases, live services, and infrastructure configurations. “We didn’t have a single-pane-of-glass visibility solution,” says Gabriel Tam, network security architect at SavvyMoney.This fragmented workflow impacted operational efficiency. For example, the company uses AWS Identity and Access Management (AWS IAM) to securely manage identities and access to AWS services and resources. When a single misconfigured AWS IAM policy appeared across all 28 production accounts, the security team received 28 separate alerts, each requiring investigation.Determining whether a new security issue posed a risk to SavvyMoney’s environment meant gathering information from multiple sources, analyzing technical documentation, and assessing real-world impact before confidently prioritizing remediation. This process could take up to 2–3 hours per issue.

For a company that processes sensitive financial data, maintaining strong security is essential for customer trust and retention. Financial institutions have strict federal requirements and conduct thorough security evaluations before entering into fourth-party agreements. The manual, time-intensive security workflow limited SavvyMoney’s ability to demonstrate a proactive security posture or support strategic initiatives such as company growth through acquisitions.

Solution‍

SavvyMoney selected Plerion for its integration capabilities in addition to its unique AI-powered approach to security operations. Plerion’s agentless architecture runs directly inside SavvyMoney’s AWS accounts and integrates with services such as Amazon GuardDuty for intelligent runtime threat detection and Amazon Macie for sensitive-data discovery at scale. Plerion also uses its own scanners to correlate risks across security issues, configuration, identity and access management, and network exposure. This gives SavvyMoney near real-time detection capabilities while Plerion’s in-account scanning architecture doesn’t allow sensitive customer data to leave SavvyMoney’s AWS environment.

A key differentiator was Pleri, Plerion’s AI security engineer that is built on Amazon Bedrock, a service for building generative AI applications and agents at production scale. Instead of relying on a complex rule syntax, Pleri operates through natural language instructions. “We don’t need to create special rules or learn a new language to make requests,” says Tam. “You explain in plain English, and Pleri will just do it.” This intuitive interface helped SavvyMoney implement the solution across all 33 AWS accounts in minutes.

Pleri runs autonomous daily workflows to scan for critical security issues and risks. It analyzes SavvyMoney’s codebase and database environment to determine whether an issue affects the company’s specific implementation. Pleri then researches findings, assesses impact, creates tickets with remediation guidance, and sends notifications with prioritized action items. When needed, Pleri creates pull requests with remediation code, references, and impact analysis. “Because Plerion has access to our code base and our database environment, it can identify the required changes,” says Tam. This capability proved transformational for managing alerts across AWS accounts. When security issues arise, Pleri can distinguish between multiple issues and a single issue that is replicated across accounts. This streamlines remediation guidance and removes redundant triage work

Key benefits

By adopting Pleri, SavvyMoney reaped significant operational benefits. Time to remediation decreased by 50 percent, and manual research and triage time dropped by more than 60%. “Pleri does half the work for us,” says Michael York, VP of Information Security and DevOps at SavvyMoney. These efficiency gains translated into about 10% cost savings compared with previous security tooling. Beyond daily operations, Plerion now supports SavvyMoney’s acquisition strategy by helping the team quickly evaluate the security posture of the acquired companies.

As a result, the company expanded from 28 to 33 AWS accounts through acquisitions.For SavvyMoney’s clients, the implementation strengthens an already rigorous security posture. The company maintains SOC 2 and Cloud Security Alliance Level 2 certifications, which contribute to a 98 percent customer retention rate. And the operational efficiencies that Pleri provides help SavvyMoney free up its security teams to focus on high-impact work, such as supporting growth. “I can simply ask Pleri to do all the research for me,” says Tam.“Pleri finds research articles from credible sources so that I can determine whether the collected information affects our organization - all in a matter of minutes rather than hours.”

Results

Since implementing Plerion, Basis has achieved:

🔹 50% reduction in time to remediate security.
🔹 60%+ decrease in issue research and triage time.
🔹 ~10% savings compared to previous solution.

‍Find out more

Want to learn more? Book a demo and see what it’s like to have real help, not just another dashboard.