From Hours to Minutes: Doppler Boosts Traive's Efficiency by 10 Hours Weekly and Slashes Secret Audit Times by Over 90%

Customer Background

Traive, a leading AI-native fintech for the agricultural industry, was founded in 2018 with a clear mission: to bridge the information gap between farmers and lenders.

Their platform enables agricultural supply chain businesses to offer working capital loans to farmers, streamlining the credit process and providing real-time risk assessment through cutting-edge algorithms and data analysis. Traive aims to empower small and medium-sized farmers in Brazil with funding while enabling investors to access an efficient and transparent risk-analysis platform powered by AI. The Traive platform identifies the most suitable partners on both sides and devises successful investment strategies.

The Challenge

As Traive's business grew, the engineering team experienced rapid growth in their infrastructure, leading to a proliferation of secrets and associated configuration values. The growing pains and secrets sprawl began to impede their ability to scale and stay secure. The team faced several challenges:

Reduced Developer Productivity:

As a technology-driven fintech, where agility is paramount, Traive’s existing secrets management processes were a significant bottleneck. Before adopting Doppler, the team relied on .env files stored in AWS Secrets Manager. Accessing them and keeping them updated was a chore because the processes were manual and interruptive to the engineering workflows. Developers were spending a significant amount of time grappling with secret access, which hindered the pace of code and deployment.

Slow Onboarding:

New team members, including both freshly hired developers and current developers taking on a new project needed access to the relevant secrets. Granting them only the secret access they needed, in a just-in-time manner, was a challenge.

Security and Compliance:

As a Fintech, Traive takes security very seriously. The Security team regularly assesses the company's security posture to ensure the maintenance of robust security measures and compliance. Any security breach or non-compliance could lead to severe consequences, such as financial losses and regulatory penalties.

The Solution

Leonard Langsdorf, CTO at Traive, had charged Isaac Mbuotidem, DevOps/SRE Lead, with finding a secrets management solution that could overhaul their current processes. The main requirement - “make life really easy for developers so that they can be productive quickly. Anything that got in the way of that was a problem." While Isaac had used HashiCorp Vault at a previous company, he believed Doppler was a better fit for Traive’s shift-left security culture and self-serve approach to tooling. The developer-friendliness and detailed documentation made it easy for his team to get started with minimal friction.

“The design of how you interact with Doppler maps well to how developers already work and think so it is an easy tool to slide into the existing workflow."

Once the Traive team adopted Doppler for their entire software lifecycle, they experienced numerous benefits:

Enhanced Developer Experience:

The seamless integration with Traive’s technology stack dramatically improved the developer experience.

"Doppler has been a game-changer for our engineers. From local development to production, it ensures that secrets are readily available, making development workflows smoother and faster."

The intuitive dashboard, powerful CLI, and rich API provided engineers with the flexibility to interact with their secrets as they preferred. Isaac concludes:

"With Doppler, our developers can easily update secrets and access them whenever and wherever they need.”

Improved Engineering Productivity and Faster Onboarding:

Doppler replaced manual, scattered, and insecure .env files, boosting productivity and enhancing collaboration among the team. Developers could start working on a repository using doppler run, knowing that all the secrets and configuration values were seamlessly integrated into the application's running process. Doppler provided secrets during deployment for CI/CD pipelines. In production, the Kubernetes operator efficiently synced secrets as Kubernetes secrets, ensuring the right secrets reached the right application at the right time.

The user-friendly interface and compatibility with other 3rd party services sped up onboarding. As new team members became productive, they began to use the platform for additional cases, which further increased adoption.

Bolstered Security and Compliance:

Doppler’s centralized secrets management bolstered Traive's security posture. It ensured that secrets across the software lifecycle remained secure and were easily auditable, thus facilitating compliance with regulatory requirements.

The Impact

Engineering Productivity gains:

Doppler's centralized secrets management has freed Traive's engineers from the time-consuming task of hunting down necessary secrets. This has translated into substantial savings in engineering hours, boosting productivity and efficiency. Engineers can now spend more time writing code and less time searching for secrets.

“What’s beautiful about Doppler is that our engineers need to learn how it works once, and then that knowledge transfers to any other projects they’ll work on. With Doppler, engineers at Traive no longer need to spend time tracking down the secrets they’ll need. That 15 to 30 minutes spent messaging your colleagues and waiting for them to respond to tell you where to go look for the credentials, or who to message next, saves us approximately 10 hours of engineering time per week.”

Reduced security risk:

Doppler has revolutionized Traive’s security posture by efficiently managing the lifecycle of secrets and configurations at scale. Its leadership is no longer concerned about accidental exposure of secrets through less secure methods.

Managing the lifecycle and versioning of thousands of secrets across microservices, web applications, and cloud resources with Doppler has been magical. My time spent auditing our secrets portfolio has dropped drastically from one whole day to less than an hour.”

Automation:

Traive’s infrastructure automation is perfectly complemented by the Doppler Terraform provider. The automation implemented by the SRE team, leveraging the Doppler provider, ensures that application secrets are readily available when needed during code deployment. This has decreased the deployment times by 15%.

Conclusion

Doppler has become an essential partner to Traive’s engineering team by delivering efficiencies and scalability. The enhanced developer experience, improved security, and automation have positioned Traive for continued success as the company continues to expand globally.