Dreem gains insight into infrastructure and protects customer health data

Since we’re dealing with sensitive healthcare data, Lacework has helped us identify noncompliant components of our infrastructure and tells us how to fix them. The dashboard lets us see what is not HIPAA compliant, and what we need to improve.


Founded in 2014, Dreem is a healthcare company and a holistic sleep solution. Their offerings include Internet of Things (IoT) products, such as a headband worn at night to monitor brain activity and improve sleep quality. Most recently, Dreem has been developing a digital sleep clinic that screens, diagnoses, and treats the two main sleep pathologies: chronic insomnia and obstructive sleep apnea. To counter the complexities of the United States healthcare system, Dreem leads each patient through the entire process, from beginning to end.


  • Had a single DevOps engineer to handle all alerts
  • Needed to protect patient data and meet HIPAA compliance standards
  • Aimed to reduce attack surface by improving cloud compliance


  • Used Polygraph® Data Platform to streamline DevOps engineer’s workload
  • Simplified compliance process with dashboards showing prioritized events
  • Monitored security infrastructure with comprehensive, easy-to-use Platform


  • Received four to five critical alerts per week, ordered by severity
  • Demonstrated HIPAA compliance to protect patient data and unlock new healthcare business
  • Strengthened visibility into infrastructure