Brian Doyal,
Staff Software Engineer
Staff Software Engineer
"It’s the breadth of Replicated that makes the difference. We use Embedded Cluster where it fits, Helm where it’s needed, and the platform around both gives us the visibility, control, and confidence to succeed in any enterprise environment."
Watch the Interview
Company Size:
25
Industry:
Application Security
Overview
Pixee.ai provides AI-enabled security tools that act like an automated product security engineer, helping application security teams identify, triage, and fix vulnerabilities with high-quality code changes. Their customers often operate in highly regulated industries, where strict compliance and security requirements demand on-premises installs, firewall restrictions, private certificate authorities (PKI), AI model restrictions, and other controls.
“Every customer environment looks different,” explains Brian Doyal, Staff Engineer at Pixee.ai. “The infrastructure, the policies, even the team structures vary, and that variability creates real complexity when we deploy.”
To meet these diverse demands, Pixee.ai relies on the full Replicated platform. Features like Embedded Cluster and Helm installs, licensing and channel management, preflight checks, support bundles, and the Compatibility Matrix give Pixee’s team the flexibility, control, and confidence to deliver reliable deployments in environments that once took weeks in under an hour.
“Every customer environment looks different,” explains Brian Doyal, Staff Engineer at Pixee.ai. “The infrastructure, the policies, even the team structures vary, and that variability creates real complexity when we deploy.”
To meet these diverse demands, Pixee.ai relies on the full Replicated platform. Features like Embedded Cluster and Helm installs, licensing and channel management, preflight checks, support bundles, and the Compatibility Matrix give Pixee’s team the flexibility, control, and confidence to deliver reliable deployments in environments that once took weeks in under an hour.
Challenge
One of Pixee’s largest customers, a global financial institution, presented a deployment with especially strict requirements. All internet access had to be explicitly allowed and routed through a proxy. Every certificate needed to validate against an internal CA. SELinux was enforced across the cluster. And with the customer’s IT team located in a distant time zone, Pixee had little opportunity for live troubleshooting.
“When we first saw the list of requirements, every network hop, every certificate and proxy looked like a blocker,” recalls Brian. “In past projects, some of those would have led us to custom scripts or on-site troubleshooting. That adds days or weeks and can undermine project momentum even with strong champions.”
“When we first saw the list of requirements, every network hop, every certificate and proxy looked like a blocker,” recalls Brian. “In past projects, some of those would have led us to custom scripts or on-site troubleshooting. That adds days or weeks and can undermine project momentum even with strong champions.”
"Every network hop, every certificate and proxy looked like a blocker."
Brian Doyal,
Staff Software Engineer
Staff Software Engineer
Solution
Pixee.ai selected Replicated’s Embedded Cluster for the customer’s initial environment because it reduced uncertainty and made configuration straightforward. “By setting up Embedded Cluster we knew we could reduce the unknowns,” Brian says. “We could test in environments similar to the customer’s, pull in their CA certificates, configure proxies, and use an image proxy to reduce firewall openings.”
Beyond the installation method, other Replicated features played an essential role. Preflight checks validated network connectivity and dependencies before installation. Support bundles captured logs and configuration details, enabling Pixee to diagnose issues asynchronously when time zones made real-time collaboration difficult. Licensing and channel management gave Pixee a simple way to support trials, development environments, and production customers, while keeping updates consistent. And the Compatibility Matrix allowed them to test releases across a range of Kubernetes providers and configurations before customers ever saw a release.
At the same time, Pixee planned for Helm-based installs in higher-level production environments, giving customers the flexibility to choose the method that best aligned with their policies. “Some customers prefer Helm, and that flexibility is critical,” Brian explains.
Beyond the installation method, other Replicated features played an essential role. Preflight checks validated network connectivity and dependencies before installation. Support bundles captured logs and configuration details, enabling Pixee to diagnose issues asynchronously when time zones made real-time collaboration difficult. Licensing and channel management gave Pixee a simple way to support trials, development environments, and production customers, while keeping updates consistent. And the Compatibility Matrix allowed them to test releases across a range of Kubernetes providers and configurations before customers ever saw a release.
At the same time, Pixee planned for Helm-based installs in higher-level production environments, giving customers the flexibility to choose the method that best aligned with their policies. “Some customers prefer Helm, and that flexibility is critical,” Brian explains.
Results
With Replicated, Pixee delivered a secure and compliant deployment to the financial institution in about thirty minutes. The deployment satisfied strict requirements for proxy integration, PKI validation, firewall rules, and SELinux enforcement without requiring major rewrites.
The impact went far beyond this single customer. Deployments that once required weeks of back-and-forth are now completed in hours. Customers are given the choice of Embedded Cluster or Helm depending on their environment, which makes adoption easier and builds trust. Pixee manages customer lifecycles seamlessly with licenses and channels, gains visibility into live environments through preflight checks and support bundles, and prevents regressions by continuously testing against varied environments with the Compatibility Matrix.
Brian sums it up: “It’s the breadth of Replicated that makes the difference. We use Embedded Cluster where it fits, Helm where it’s needed, and the platform around both gives us the visibility, control, and confidence to succeed in any enterprise environment.”
The impact went far beyond this single customer. Deployments that once required weeks of back-and-forth are now completed in hours. Customers are given the choice of Embedded Cluster or Helm depending on their environment, which makes adoption easier and builds trust. Pixee manages customer lifecycles seamlessly with licenses and channels, gains visibility into live environments through preflight checks and support bundles, and prevents regressions by continuously testing against varied environments with the Compatibility Matrix.
Brian sums it up: “It’s the breadth of Replicated that makes the difference. We use Embedded Cluster where it fits, Helm where it’s needed, and the platform around both gives us the visibility, control, and confidence to succeed in any enterprise environment.”
Deployments that once required weeks of back-and-forth are now completed in hours.
%201.png)