Case Study

Lemonade Fortifies Defenses with Prelude’s Detection and Response Testing Platform


Industry icon


People icon


Location pin icon


Lemonade: A Leader in Insurtech

Lemonade, a trailblazer in insurtech with a globally distributed team, offers a range of insurance products in the United States and Europe. As a regulated, public company, Lemonade’s security practices are an important component in its assurances to the public market. Lemonade’s leadership understands security is essential for protecting its customers' data, and for maintaining its hard-earned reputation as a leading insurance provider.


Evolving Cyber Threats and Assurance Demands

Today’s active threat landscape generates many questions in executive offices and  boardrooms. When a trending threat enters the news cycle, Lemonade leaders want to know Lemonade is protected. They look to CISO Jonathan Jaffe for answers. Jaffe knows that buying the best XDR isn’t enough to meet the security challenges of today's landscape, so to extend his umbrella of protection, he explored several options.

Internal Red and Purple Team exercises proved expensive and inefficient, often dragging out for months and creating remediation bottlenecks upon completion. Attempts to automate this process using technologies such as breach and attack simulation (BAS) and automated pen-testing solutions also fell short, and came packaged with deeply lopsided costs-to-values.

In all cases, two assurance-driven requirements were not being met:

  1. Testing occurs in production, at scale, in a way that reflects the scope of XDR coverage.
  2. Any missing telemetry, detections, and/or preventions are quickly remediated.

Jonathan Jaffe

Chief Information Security Officer | Lemonade

“Prior to Prelude, we explored multiple solutions in an attempt to validate our defenses, then find and fix exposures. Neither process nor technology solutions were able to provide proper assurance or remediation capabilities that met our needs.”

Prelude’s Detection and Response Testing Platform

Jaffe’s search and evaluation cycle stopped when he found Prelude’s production-scale detection and response testing platform. Because there were no hurdles to jump through, his team could get started for free and see immediate value. “We quickly recognized Prelude was in a class of its own,” he says. “Not only is Prelude delivering on its claims of testing at scale, in production environments, but it has unique XDR integrations which make exposure remediation fast, and easy. Best of all, we could create a proof of concept without even talking to sales.”

Actionable Threat Intelligence

Lemonade effortlessly scaled Prelude to its entire heterogeneous production estate, comprising macOS, Linux, and Windows endpoints. With Prelude in place, taking threat intelligence and assessing Lemonade’s security posture suddenly became simple for Jaffe and his team. “Prelude’s lightweight testing infrastructure enables us to take our threat intelligence and make it actionable at the speed at which threat actors work. Threat intelligence decay is no longer much of a concern for us.”

Board-Level Assurance

Instead of making decisions using partial information, Jaffe leans on Prelude to confidently relay information. “I need to be able to go into any conversation with the board and have the knowledge and confidence to say, ‘I know, with certainty, we are protected’, which is what Prelude has been able to give me. By installing Prelude on all endpoints, we are able to run a test, collect intelligence, and march into meetings with conviction about the state of our security posture.”

Prelude’s philosophy and technology align with security leaders who, like Jaffe, pursue actual security, not compliance-driven security theater. “I don’t want a scanner or virtual machine-based product that generates noise. I want a solution that produces evidence.”

A Continuously Improving Defense

For Lemonade, control validation is only part of the equation. Jaffe was adamant about the ability to remediate XDR soft spots in a new solution. “Prelude’s ability to close exposure cannot be understated.”

Jaffe recognizes the impact of Prelude’s one-of-a-kind defensive integrations and the value they unlock. “If there’s ever an indication that our defensive controls are not meeting expectations, Prelude has a proposed solution, or a remediation, already in place. This saves our team time that would otherwise be spent engineering and implementing protections, or communicating with our XDR vendor, to implement a protection capability.”

Prelude presents Jaffe and his team with remediations that fill the protection gaps, encompassing everything from failing sensors to missing IoAs or misaligned policies. “Prelude takes control validation a step further by enabling closed-loop detection engineering. If there is missing telemetry, detections, or preventions, Prelude provides a fix.”

Jonathan Jaffe

Chief Information Security Officer | Lemonade

“With Prelude, I know with confidence whether our endpoint defenses will protect us against a threat. Anytime Prelude surfaces a vulnerability, it also fixes missing detections or prevention capabilities. It provides sound peace of mind, and saves us significant time.”

Level up your detection and response efforts with Prelude

Get Started Today