About Lusha
Lusha's platform gives revenue teams instant access to accurate B2B contact and company data. With 1.4M+ users, integrations across the sales tech stack, and strict GDPR and CCPA compliance requirements, the bar for data security and operational resilience is extremely high.
Growing Fast, in Every Direction
Lusha's security challenges were not born from a single gap — they were the compounded result of rapid, multi-vector growth. The engineering organization was scaling aggressively, shipping new features weekly and expanding infrastructure across AWS and Kubernetes. Meanwhile, the security team remained intentionally lean.Alert volume grew in step with the platform. Wiz surfaced cloud and container findings continuously. The previous tooling left critical visibility gaps: there was no way to detect Lusha-specific API abuse or data scraping patterns, and the team had no single view across cloud, identity, and SaaS. Each new data source added cost and complexity, making full-stack coverage economically unsustainable.What arrived in Jira was often just a ticket — no investigation context, no chain of reasoning, no access to the underlying events. The team was flying partially blind, manually triaging alerts that should have been investigated automatically. When something needed remediation, it required manual action every time.
AI security was emerging as a new surface area too. Lusha was building out an AI agents framework — a category where standard detection playbooks simply do not yet exist. The team needed a partner that could grow into that space alongside them, not one locked into yesterday's threat model.
A Rigorous PoC Built on Real Success Criteria
Lusha did not evaluate Daylight on product demos and slide decks. Before committing, the security team defined a formal PoC success framework — nine concrete criteria spanning integrations, visibility, automation, ticketing quality, and response speed. Each criterion mapped directly to a pain point the team had lived with under previous approaches.
Speed was made explicit and quantitative. Daylight committed to specific MTTA (Mean Time to Acknowledge) targets per severity level — targets that Lusha could measure and hold them to from day one of the PoC:
The criteria exposed exactly where previous solutions had fallen short: black-box investigations, per-source pricing that punished growth, and a Jira queue flooded with unvalidated noise. By mapping each requirement to a measurable outcome before the PoC began, the evaluation process had no room for ambiguity.
During the PoC, Daylight onboarded the full Lusha stack — AWS, Okta, Jira, and Lusha's own API telemetry — within 48 hours. The AI investigation engine surfaced step-by-step reasoning for every alert. Raw event access was available on demand. Automated user questioning over Slack resolved tickets without analyst involvement. And when a custom integration gap appeared, a new connector was delivered within days, not quarters.
From Alert Overload to Operational Clarity
With Daylight in place, the dynamic changed immediately. Alert triage no longer sat on the desk of the internal team. Every finding from Wiz — cloud misconfiguration, runtime threat, or toxic combination — received a documented determination within the committed SLA window. The backlog that had been creeping upward flattened to zero.
Jira quality transformed overnight. Instead of a flood of low-confidence tickets demanding triage, only verified threats reached the queue — noise was auto-resolved before it ever became an interruption. The signal-to-noise ratio went from a liability to an asset.
Lusha-specific API abuse detection — a gap that had never been addressed — became operational. Daylight ingested Lusha's own API logs and built detection logic for unusual export volumes and scraping behavior. For a company whose core product is contact data, this coverage was not optional.
On the headcount side, the math became straightforward. Expanding 24/7 SOC coverage without Daylight would have required multiple senior hires — each expensive and slow to ramp. Daylight removed that equation entirely. The internal team could stay focused on posture, architecture, and the strategic work that moves the needle.
AI security coverage proved immediately valuable. As Lusha's AI agent framework expanded, Daylight provided detection and investigation purpose-built for that threat surface — covering prompt injection risks, data exfiltration via AI pipelines, and anomalous model behavior. No other MDR provider in the evaluation had this capability at production quality.
Security That Scales with the Business
For Lusha, security is not a brake on growth — it is infrastructure for it. Customers, enterprise buyers, and compliance frameworks all require confidence that data is handled responsibly and that threats are investigated, not just logged.
Daylight provides that confidence. It delivers continuous coverage, investigation depth across every layer of the stack, and the flexibility to evolve as Lusha's environment changes. For a company growing at Lusha's pace, that adaptability is not a nice-to-have — it is the point.

.avif)


