How Razorpay Scales Secure Design Reviews with Seezo
Today's threat modeling approach is manual, resource-intensive, and inconsistent. This makes security teams limit it to their crown jewels. However, I want to ensure coverage across all applications, for every feature being built. With Seezo, this is achievable.
About Razorpay
Razorpay is one of India’s leading fintech platforms, powering payments and financial infrastructure for millions of businesses. With dozens of teams building and deploying new features every week, security design reviews quickly became a scaling challenge.
The Challenge: High-Quality Reviews That Were Hard to Scale
Razorpay’s AppSec team has always prioritized depth and accuracy in their security design reviews. Developers filled out security questionnaires, attached architecture diagrams to Jira epics, and worked closely with AppSec engineers who provided detailed, contextual guidance.
While this process produced extremely high-quality results, it became increasingly hard to scale as product velocity grew.
Growing volume: Hundreds of Jira epics every quarter meant increasing review demand.
Limited bandwidth: Senior AppSec engineers spent significant time on repetitive assessments.
Timeline pressure: Developers often had to wait for feedback before proceeding.
The challenge wasn’t quality; it was capacity.
As a result, reviews became a bottleneck, delaying releases and stretching AppSec capacity thin.
The Solution: Automated Security Design Reviews in Jira
To retain the same depth of review while improving speed, Razorpay integrated Seezo directly into its Jira pipeline.
For every new Jira epic, Seezo analyzes the attached artifacts, diagrams, tables, and text.
Seezo automatically generates:
Security Summary: Captures the feature’s core security-relevant aspects.
Actionable Security Requirements: Developer-ready guidance contextualized to the feature (e.g., “Mask PII in logs using utils.logger(PII=off)”).
Open Questions: Clarifications for incomplete or missing information, added as Jira comments.
The Impact
Consistent coverage: Every Jira epic undergoes automated analysis, ensuring no feature is overlooked.
Developer-first workflow: Security insights appear directly in Jira, within the developer’s workflow.
Efficient AppSec operations: Engineers can now focus on higher-impact risks rather than repetitive checks.
With Seezo, Razorpay built a continuous and automated AppSec workflow without slowing down feature delivery.
Why It Matters
Razorpay’s approach shows that scaling security reviews doesn’t mean adding more steps. It’s about integrating security in existing workflows. By using Seezo, Razorpay ensures every new feature is secure by design. They’ve built a scalable model for continuous security design reviews without compromising on quality.
About Seezo
Seezo provides context-specific security requirements to developers before they start coding. It scans design and technical documents from tools like Confluence, Google Docs, Jira, or ServiceNow and delivers outputs directly where developers already work, whether in Jira tickets, document comments, or messaging channels like Slack. Seezo integrates with your coding standards, understands company-specific language, and tailors rules to your risk profile.
By mapping requirements to compliance standards such as PCI, RBI and frameworks like ASVS, Seezo streamlines compliance and reduces manual work.
