Focusing on digital transformation and new technology to reach its business goals, it partnered with Black Duck® to develop and deploy application security solutions and services throughout its SecOps and DevOps program. The goals of this initiative were to
Recognizing the importance of its applications as a means to meet its global growth initiatives, the organization faced challenges balancing security with application delivery timelines. The volume of unfiltered vulnerability data was overwhelming its security teams as it tried to scale the application security program and remove the barriers of communication between its SecOps and DevOps teams.
The company chose a variety of Black Duck solutions to
BENEFIT | IMPACT |
---|---|
No false positives and or duplicates | As part of Security Testing Services, all data is passed through Continuous Dynamic Threat Research and only true positives are reported back. |
Risk ranking of vulnerabilities | The organization was better able to prioritize resources for critical bugs and at-risk applications. |
24/7 support | Development teams could reach out with questions directly, making Black Duck® SCA a true extension of the organization’s security team. |
Fewer cross-functional silos and roadblocks | Regular brownbag sessions with the organization’s development teams provided an educational resource to resolve bugs and issues. Black Duck helped the organization remove internal silos and achieve more effective programmatic enablement between DevOps and SecOps. |
Improved interactions between SecOps and development teams | The organization’s teams worked together more efficiently and achieved improved results. |
Black Duck solution architects worked with the organization to successfully develop and execute an application security strategy tailored to its diverse development needs and deploy an enterprise-wide risk management program.
The organization worked with Security Testing Services to implement a programmatic approach to remediating vulnerabilities according to its security policies and best practices, while empowering its teams to work together more effectively and efficiently. All of this helped the organization secure its business-critical applications and meet its growth initiative goals.
Company overview
This global retailer provides pharmacy-related services and is in business in more than seven countries with over 700 locations. It has an annual revenue of over $166 billion.
See why DAST remains a primary pillar in a holistic AppSec program
Get insights into the current state of security for web-based apps and systems.
Preview the report