Wego achieves unmatched visibility and scales AWS operations

Homepage
wego.com
TL;DR
Goals & challenges
  1. Gain visibility across a large dynamic AWS footprint
  2. Fix configuration related issues on AWS, overcome complexity of changes
  3. Troubleshoot security incidents effectively and provide the paper trail to authorities
The solution
  1. Cross-account, cross-region and cross- availability zone visibility
  2. Tracked states for configuration using AWS CloudTrail integration to allow collaborative troubleshooting for rapid resolution
  3. Automated detection and troubleshooting for security & compliance .
Results
  1. Reduced cost leakage and identification time from hours to under 15 minutes
  2. Reduced configuration and settings identification from hours to minutes
  3. Proactive control of compliance policy violations and cost concerns through change simulations.

The customer

Wego is on a mission to help people discover the real value of travel — to inspire, to give more reasons, to make it easy — for everyone to go. Founded in 2005, and since then, Wego imagined and created some of the most well-loved products for travelers all around the world.

Today, Wego is used by millions of people every month — people who travel for adventure, for work, for family and for many other reasons. Since their inception, Wego has used cutting-edge technology as a differentiator and they were one of the early adopters of Ruby on Rails and AWS in Singapore. In the travel space, Wego was one of the early cloud trail-blazers and they continue to use cloud as a core differentiator. Today, Wego operates a dynamic multi-cloud environment across multiple regions, giving them the ability to provide the best level of service for millions of global travelers.  

“We had changes happening that we couldn’t isolate to who and when. The total number and the complexity of our products have increased tremendously in the last three years, and the core team needed to be able to know what was going on and fix things quickly."
Gary Theis, CTO @Wego

The challenge

As Wego became one of the largest online travel providers, their IT infrastructure went through a significant change to accommodate the growth. They initially moved their datacenter into AWS, which enabled them to innovate at a faster pace, while reducing the overhead for operations. As their product portfolio grew from 2 simple products to 6 dynamically scaling products, the level of complexity of their cloud configuration started to become difficult to manage with native tools.  

The Wego core team went through growing complexity and management at scale in 2022, and found that identifying the root cause of incidents and compliance drifts, along with the complete impact radius are extremely challenging in complex AWS environments. These experiences, along with Wego’s pursuit of excellence in infrastructure operations required a solution that can tell the difference between configuration states in real-time with context. The Wego core team wanted to get to the Chaos Monkey level to manage AWS infrastructure problems.

The solution:

“Stream.Security provides us visibility into AWS configuration changes at a level that we didn’t previously have. We have the confidence to know when these changes occur, not only for security and compliance, but for cost and budgeting purposes as well.
Gary Theis, CTO @Wego

Gary Theis asked the core team to come up with a solution to help them operate their fully containerized, dynamic AWS environments at scale: “I asked the team to come up with a solution to sort out the configuration problems on AWS, because we wanted to fully understand when and how a configuration is dropped. When we saw your capabilities, we knew it was a good match.”

The Wego team started seeing immediate value during the Stream trial and gained context-aware visibility into their complex environment across accounts, regions and availability zones. The team also gained the ability to track the configuration states of each component and identify the root cause of incidents within seconds thanks to architectural standards and graph capabilities with Stream.  

The Stream platform acts as a force multiplier for the Wego team, giving them the ability to handle a more complicated environment at scale. This is especially important considering the talent shortage in the DevOps space: “Hiring for DevOps engineers isn’t cheap, and you need to be able to retain talent because otherwise you don’t have enough experienced engineers that know your environment well.”

Cost was an important factor for Wego in the evaluation, and Stream delivered superior capabilities for a reasonable cost. The return on engineering time and higher availability far outweighed the license investment into Stream for Wego.  

As a result of working with Stream, Wego:  

  • Gained contextual visibility into AWS configuration changes at scale using the AWS CloudTrail Integration.
  • Scaled cloud operations thanks to automation and notification capabilities
  • Superior incident management capabilities as force multiplier for security, availability, and cost.

Quantifiable benefits for the Wego team include:  

  • Reduced the time required to resolve incidents dropped from 3-4 days to minutes.  
  • Reduced cost leakage and identification time that would usually take hours of analysis with AWS support to under 15 minutes. They were able to identify data transfer cost source which was not visibly traceable from the AWS console.
  • Reduced configuration and settings identification from hours to minutes thanks to the cloud architecture diagram drill down feature of Stream.
  • Being able to identify roles with lax permissions and tighten the access control policies across accounts.
  • Being able to identify in part of the system where the default security group was being used though they were with restrictions but something that slipped through in configuring on EKS service.
  • Proactive controls for policy violations and cost concerns through Stream's simulation integration with Atlantis. The Wego team can now review any violation or cost concerns before the changes are applied to the system.
  • Being able to track down legacy S3 buckets that were exposed to the public from previous years and no longer need public exposure.
  • The configuration to cloud architecture diagram drill down feature has allowed us to move and identify configuration and settings from hours to minutes.

Working with Stream

Very happy to see what Stream has got, it’s been impressive so far. Interested to be in the ride, excited to see what Stream does next. Cost troubleshooting for example, is a very top of mind capability that can deliver a ton of value for us."
Gary Theis, CTO @Wego

The Wego and Stream team have formed a close partnership from the get-go and delivered Wego’s operational requirements. Teams work closely via the dedicated Slack channel on a weekly basis and continue to expand Wego’s use cases. At the time of writing this success story, the Wego core team is experimenting with Stream's Cost Troubleshooting module to optimize AWS costs.