GoodLeap

$244K in Savings and 100% Critical Vulnerabilities Resolved in One Year

How GoodLeap transformed legacy IT infrastructure into a secure, scalable foundation—eliminating security gaps while supporting expansion into new business verticals.

Networking & Connectivity
Security & Compliance
Cost Optimization
$244K
total identified savings
100%
critical vulnerabilities resolved

GoodLeap is a leading technology company providing financing and software solutions for sustainable home upgrades, including solar panels, energy-efficient HVAC, and more. Since 2018, GoodLeap has provided over $30 billion in financing and helped over a million homeowners transition to sustainable living. Its AI-powered applications enable businesses to streamline operations, enhance customer communication, and drive efficiency in the home improvement sector.

The Challenge

Legacy Infrastructure Blocking Business Transformation

As GoodLeap expanded into leasing, SaaS offerings, and M&A initiatives, its legacy IT infrastructure began to limit growth. Originally designed to support mortgage financing, the existing systems lacked the scalability, flexibility, and security required for the company's evolving business model.

IT leadership had a clear, forward-looking vision—but organizational silos and structural bottlenecks hindered their ability to execute. The infrastructure faced ~54 million annual hacking attempts against its VPNs, critical vulnerabilities remained unresolved, and unsupported Windows and Linux servers created ongoing risk.

To move forward, GoodLeap needed a modern, resilient IT foundation capable of supporting its transformation.

The Approach

Between October and November 2023, EverOps conducted a comprehensive review of GoodLeap's systems—revealing critical risks, inefficiencies, and opportunities for improvement across the IT organization.

Building on these insights, EverOps developed a strategic roadmap grounded in agile principles that prioritized high-impact remediation efforts. Rather than boiling the ocean, the team focused on initiatives that would deliver immediate security improvements while laying groundwork for long-term scalability.

The engagement used EverOps' embedded TechPod model, which GoodLeap credited as essential to the project's success—enabling faster execution than traditional consulting approaches.

Technologies & Tools: Network Security · VPN · Firewall Management · Configuration Management · Monitoring

Technologies & Tools:

No items found.
The Approach

Embedded Expertise with a Clear Roadmap

EverOps embedded a 3-person FinOps Pod directly into Life360's platform team. Within the first week, our engineers had access to their AWS accounts, joined their Slack channels, and began a comprehensive cost analysis using our proprietary Opportunity Finder methodology.

The engagement followed a structured approach: two weeks of discovery and prioritization, four weeks of execution on high-impact optimizations, and two weeks of governance implementation to sustain savings. Throughout, the Pod operated as an extension of the internal team — attending standups, collaborating in real-time, and transferring knowledge continuously.

Unlike consultants who deliver reports, our Pod executed the changes directly — rightsizing instances, eliminating waste, renegotiating reserved capacity, and implementing automated cost controls.

The Solution

Security, Automation, and Operational Excellence

EverOps implemented a series of high-value initiatives that addressed security gaps, modernized infrastructure, and established repeatable, scalable IT operations.

Key Initiatives:

  • Network Security Restructuring — Realigned network security with industry best practices, centralizing configuration management for firewalls and switches across the organization.
  • VPN Hardening — Strengthened VPN protection to defend against ~54 million annual hacking attempts, improving network security across all sites and data centers.
  • Vulnerability Remediation — Resolved 100% of critical vulnerabilities and 95% of all identified security issues through comprehensive vulnerability management.
  • Automated Server Patching — Implemented automation that increased patching efficiency by 400%, reducing both manual effort and downtime from missed patches.
  • Legacy System Retirement — Decommissioned unsupported Windows and Linux servers, eliminating ongoing risk from end-of-life systems.
  • Wireless Network Upgrade — Deployed certificate-based authentication across wireless networks, improving both security and reliability.
  • Enhanced Monitoring — Increased visibility across data centers and network environments, enabling more proactive and reliable IT operations.
  • IT Security Operations Function — Established a dedicated SecOps function to streamline incident response and enhance preparedness.
The Results

Transformed in One Year

Within one year, GoodLeap experienced significant improvements across its IT organization. The engagement eliminated $144,000 in recurring costs and uncovered an additional $100,000 in potential annual savings through technology consolidation.

Security posture improved dramatically—100% of critical vulnerabilities resolved, 95% of all identified security issues addressed, and VPN protection hardened across all sites. Automated server patching increased efficiency by 400% while reducing downtime risk.

The retirement of outdated systems and enhanced monitoring enabled more proactive, reliable IT operations. Most importantly, EverOps established a standardized reference architecture and long-term roadmap that supports stable, agile IT operations going forward.

GoodLeap now operates on a modern, secure, and scalable IT foundation with repeatable processes that support its evolving business goals.

$244K
Total savings identified
100%
Critical vulnerabilities resolved
400%
Patching efficiency gain
Client Experience

"EverOps' TechPod operated like our own team but moved at a completely different speed. In one year, they transformed our entire IT foundation."

VP of IT, GoodLeap
CLIENT EXPERIENCE

"EverOps' TechPod operated like our own team but moved at a completely different speed. In one year, they transformed our entire IT foundation."

— VP of IT, GoodLeap
What's Next?
With the IT foundation modernized and a dedicated Security Operations function in place, GoodLeap is positioned to continue its expansion into new verticals. The reference architecture and long-term roadmap established during this engagement provide a framework for scaling IT operations as the business grows—without repeating the technical debt that prompted the original transformation.
RELATED CASE STUDIES
Consumer Tech
Life360
From 12 Hours of Interviews to Instant Strategic Insights with a Custom AI Agent
Read case study
Consumer Tech
Life360
From Weeks to Days: How Real-Time Observability Transformed Infrastructure Velocity
Read case study
Consumer Tech
Global Consumer Tech
Full Visibility into $20M in Devices to Eliminate Fraud Risk
Read case study