Privacy settings
We use cookies and similar technologies that are necessary to run the website. Additional cookies are only used with your consent. You can consent to our use of cookies by clicking on Agree. For more information on which data is collected and how it is shared with our partners please read our privacy and cookie policy: Cookie policy, Privacy policy
We use cookies to access, analyse and store information such as the characteristics of your device as well as certain personal data (IP addresses, navigation usage, geolocation data or unique identifiers). The processing of your data serves various purposes: Analytics cookies allow us to analyse our performance to offer you a better online experience and evaluate the efficiency of our campaigns. Personalisation cookies give you access to a customised experience of our website with usage-based offers and support. Finally, Advertising cookies are placed by third-party companies processing your data to create audiences lists to deliver targeted ads on social media and the internet. You may freely give, refuse or withdraw your consent at any time using the link provided at the bottom of each page.
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
Case study

Miro Case Study

The major requirements are the ability to auto-scale to support billions monthly requests, as well as to support new tech stacks and protocols. Our challenge was to achieve near real-time visibility to detect, analyze and defend app attacks against Miro.

Thanks for filling out the form!
The resource link will open in the new tab. If its not, please follow this link
Oops! Something went wrong while submitting the form.
Miro Case Study

Scaling security for Miro’s billions of API requests

Miro is the online visual collaboration platform that enables distributed teams to work effectively together, from running brainstorming sessions and workshops to planning projects, from designing new products and services to facilitating agile ceremonies. Thousands of companies and millions of users rely on Miro for collaboration in the new work-from-home world. Obsession about customer experience and responsiveness makes Miro rely on modern protocols like WebSocket.

  • 1000+ employees
  • HQ: San Francisco, CA
  • 20M+ users worldwide & accelerating
  • 95% of the Fortune 500 are existing customers

Why was the search for an API security vendor initiated?

The security of Miro user data is the highest priority. To increase the level of security and provide real time protection from emerging API threats, it was decided to bring API Security on the table. The requirement was to introduce threat prevention for the whole API portfolio.

3 benefits of deploying 
Wallarm API Security

  • Wallarm helps to monitor an interest from malicious actors to Miro’s APIs and alertSecOps team when required.
  • Wallarm blocks malicious requests to the WebSocket and gRPC APIs in real-time, with no manual involvement of SecOps team.
  • API-specific dashboard, smart triggers and integrations with DevSecOps toolchain allowed to automated incident response.

"The major requirements are the ability to auto-scale to support billions of requests per month and the ability to support new tech stacks, gRPC and graphQL protocols, and new attacks. While doing these we wanted to have near real-time visibility into what’s happening and how we can detect, analyzeand defend application attacks against Miro." – Roman Bulbenko, Head of ApplicationSecurity at Miro

Miro’s technical 
infrastructure details

Miro infrastructure is hosted within AWS. A lot of different technical stacks and applications are used behind the scenes including REST APIs, WebSocket, and others. Miro application works in real time to provide collaboration. All applications and infrastructure need to support that scale, stability and security.

  • AWS Infrastructure
  • Online whiteboard for distributed teams – latency is important
  • Provide beyond normal attacks coverage, visibility and ability to fine tune the WAF based on our application traffic

Trusted by the world’s most innovative companies:

15 min

To unboard and view secutity results
“I needed cloud security tooling that could get me visibility fast. Wallarm answers all my visibility needs within minutes — across multiple clouds.”
Miro Logo


per year in const savings
“With Wallarm, we've been able to scale API protection to the scale we need and manage with our infrastructure as a code approach.”
Rappi Logo


visibility into multi-cloud environments
“With Wallarm, we've been able to scale API protection to the scale we need and manage with our infrastructure as a code approach.”
Dropbox Logo
Panasonic Logo
Victoria's Secret Logo
Miro Logo
Gannet Logo
Dropbox Logo
Rappi Logo
Wargaming Logo
Semrush Logo
Tipalti Logo
UZ Leuven Logo

Ready to protect your APIs?

Wallarm helps you develop fast and stay secure.