Papernest

Alert overload

Like many digital companies experiencing rapid growth, Papernest’s cloud environment was increasingly difficult to manage. Multiple monitoring tools produced floods of notifications, forcing staff to manually separate false positives from real threats – slowing investigations and risking critical issues being missed.  

“Our biggest challenges were lack of visibility and alert overload,” said Carriero. With a large infrastructure spread across multiple locations, it was hard for his teams to maintain visibility over every asset, user, and action. “The more tools we put in place, the more alerts poured in, creating a cycle of alert fatigue  

Business liability

This lack of visibility was more than an operational burden; it was a strategic risk. Papernest handles a vast amount of sensitive customer information, from utility accounts to insurance policies. The possibility of being attacked without knowing it, or being unable to trace the impact afterward, posed unacceptable business consequences.

As Papernest scaled its digital platform, Carriero’s teams needed a cloud security solution that could solve their challenges without adding complexity. With such a broad infrastructure and many different projects, configuring a tool or system in every environment was impractical. They required immediate visibility across AWS environments without weeks of configuration.

Choosing Darktrace: Leaner, smarter security for the cloud  

Papernest evaluated several cloud-native security platforms. While some offered strengths in compliance and configuration scanning, they fell short in areas Papernest considered essential.  

“We needed comprehensive cloud threat detection and response, not just static scanning or posture checks,” said Carriero. “Darktrace / CLOUD™ gave us full-spectrum visibility and active defense, including coverage for our specific cloud footprint in Scaleway. Other solutions simply couldn’t meet those requirements.”  

From setup to insights in hours

Since Papernest runs primarily on AWS, Carriero’s team was able to activate AWS VPC Flow Logs and forward network events directly to Darktrace / CLOUD. Within hours, Darktrace was analyzing activity across the cloud estate – without requiring manual integration into each project. “Our Darktrace implementation was super fast. We just turned on AWS Flow Logs and Darktrace immediately started analyzing the data. I really appreciated that,” Carriero said.

Adaptive AI that learns the business

Darktrace’s Self-Learning AI™ quickly adapted to Papernest’s cloud environment, learning what was considered “normal” for its operations. “It didn’t take long to train Darktrace on what’s ‘typical’ activity for our business. Now we receive very few alerts, and when we do, they’re always on point,” Carriero said.

Identifying weaknesses before attackers do

Beyond detection, “Darktrace / CLOUD provides Papernest with real-time architectural visibility and dynamic risk mapping.” Carriero said. Allowing the team to not only spot anomalous behavior as it happens but also understand potential attack paths and proactively secure exposed assets.

Since adopting Darktrace / CLOUD, Papernest has realized significant technical, operational, and business benefits.  

Taking control instead of fighting fires

By adding Darktrace to Papernest’s existing security framework, Papernest now has visibility and protection across every layer of its digital environment. The company has not only strengthened its cloud defenses but also built a more proactive, prevention-driven security posture, giving DevOps and SecOps teams more time to focus on strategic work.  

From false positives to focused investigations

Darktrace / CLOUD’s precision has helped to eliminate alert fatigue. The solution streamlines investigations with Darktrace Cyber AI Analyst™, which automatically contextualizes and triages alerts so SecOps can focus on real incidents. Each alert comes with rich information, detailing what happened, where it originated, and how it unfolded so analysts can investigate without switching between AWS logs, cloud consoles, or separate monitoring tools.  

One console for total clarity

“Before Darktrace, we had to jump between multiple places – logs, consoles, Slack, email – just to understand what was happening. Now, everything is centralized. We can investigate directly within the Darktrace console, and we don’t have to move away. That’s a huge time-saver,” Carriero said.

Automation at scale, human focus where it counts

Within a period of nine months, Darktrace conducted 1,356 total investigations of potential threats, resolving 94% of those autonomously and escalating only 6% to analysts for further review. The impact on analysts has been significant, with Darktrace saving 82 analyst hours on investigations within a two-week period alone.

Faster response for stronger security

With alerts delivered directly to the Darktrace mobile app, on-call engineers can respond immediately, even outside of office hours. This agility has strengthened Papernest’s resilience and provides leadership with greater confidence that the company is protecting sensitive customer data.

Scaling resilience for a scaling business

Darktrace / CLOUD has strengthened trust, efficiency, and resilience across Papernest’s business. “We trust Darktrace can catch threats before they can impact our business. That peace of mind is what we were looking for – and it’s what we got.”  

As Papernest continues to expand its physical and digital footprints, Carriero says the company can rely on Darktrace / CLOUD to scale right alongside the organization. “Darktrace has become a critical business enabler for us. It’s providing a foundation for a leaner, more resilient security operation that is protecting the business today while supporting our growth as a digital-first business.”