Challenge
- Limited visibility into threats across their critical code supply chain and cloud environment.
- Small security team with limited capacity to investigate and respond to incidents in real time.
- Difficulty prioritizing threats across a flood of cloud detections from native tools.
- No SOC-specific analysts, leaving security operations entirely manual and reliant on limited tooling.
- High developer activity from both internal and external contributors created an elevated risk of exposed repositories and leaked secrets.
Solution
- Adaptive detection coverage for AWS and GitHub, securing LottieFiles’ most critical assets.
- Automated false positive filtering and incident investigations with Exabots and human MDR experts, freeing engineering time for critical priorities.
- Helped focus efforts and remediation efforts by highlighting the highest-risk issues across systems, such as a public RDS cluster actively probed by malicious IPs, and guided migration to a private instance to reduce exposure.
- Adopted the Exaforce MDR service that leverages its agentic SOC platform, gaining instant SOC capabilities with 24/7 expert monitoring and response.
- Continuous monitoring and investigation across cloud, code, and supply chain assets.
Highlights
6 days, 4 hours
person-hours saved every 30 days
80% reduction
in investigation times
Incident response
within the first 30 days of deployment
Securing the LottieFiles platform for developers worldwide
LottieFiles is the leading platform for creating, editing, testing, and distributing Lottie animations, serving millions of designers and developers worldwide. Its platform powers motion graphics in some of the most widely used apps and websites, making security critical to protect both the company’s code and the creative assets of its global community. Before Exaforce, LottieFiles had no dedicated SOC, forcing non-expert staff with other responsibilities to handle investigations, making the investigations slow, resource-intensive, and constrained by limited tools.
By adopting Exaforce’s MDR service, powered by its full-lifecycle Agentic SOC platform, LottieFiles gained instant SOC capabilities with full customer visibility. The company immediately benefited from expanded detections, automated false positive handling, and clear alert prioritization without the cost and complexity of building a SOC in-house. Within weeks, LottieFiles had unified visibility, automated triage, and 24/7 expert support.
With Exabots triaging alerts and MDR analysts responding to confirmed threats, incidents were contained before impact. Early wins included investigating suspicious AWS network activity to a known malicious domain, neutralizing a malicious file upload attempt, and guiding containment in near real time.
“We went from having no SOC to having world-class SOC capabilities overnight. Exaforce gave us the visibility, automation, and expertise we needed without building it ourselves,” said Jawish Hameed, VP of Engineering at LottieFiles.
When a supply chain security incident hit the LottieFiles npm package, Exaforce collaborated on the investigation and mitigation, helping the company maintain transparency and trust. During the tj-actions incident, Exaforce worked with LottieFiles to identify exposed repositories, pinpoint exactly which secrets needed rotation, and ensure they were replaced before compromise. The platform’s data exploration features eliminated the need for manual repository checks, saving days of work to find and mitigate the risk.
Before Exaforce, every alert required manual review, creating backlogs and slowing response. Now, Exabots automatically close false positives with detailed justifications and prioritize real threats, allowing MDR analysts to focus on prioritized, high-severity alerts, reducing fatigue and accelerating resolution.
“We had a security event that Exaforce noted was a true finding, and the MDR team joined immediately to help tackle it,” said Jawish Hameed. “Exaforce didn’t just give us alerts, they gave us answers. Their automation and MDR expertise helped us close incidents faster and be more confident in our security coverage.”
With Exaforce, LottieFiles moved from zero SOC capabilities to operating with continuous monitoring, automated triage, prioritized investigations, and expert-led incident response, reducing risk, freeing engineering resources, and improving security while responding faster to threats.
