Chat with us, powered by LiveChat

Customers Stories

” EstateSpace offers secure asset management solutions for principals and estate managers. Through their suite of services, EstateSpace, provides tools for maximizing the value of physical assets, streamlining the management of estates and simplifying the lives of principals and estate managers. “

Challenges

“In developing a revolutionizing physical asset manage platform, EstateSpace is keenly aware of the security risks imposed on the infrastructure. We looked for tooling that helps us to identify and mitigate risks early in the development process. Our DevSecOps strategy relies on identifying potential problems early in the build and deployment process and mitigating them before they are deployed.”

“A further challenge of identifying potential security gaps is to not disrupt the development and test flow of the engineers. This needs that the tooling needed to play within the existing DevSecOps infrastructure.”

Solution

“At EstateSpace, we addressed these challenges by selecting CyberSecuriti to augment our Cybersecurity testing against our API. CyberSecuriti was a natural fit as they offered automatic identification of privilege-based escalation vulnerabilities and unauthorized access to resources directly against our openapi published API, which serves as the foundation for our web and mobile UX.”

“Through the use of playbooks each designed for a particular vulnerability type, CyberSecuriti was able to quickly generate approximately 1500 playbooks against over 150 API endpoints, testing thousands of potential vulnerabilities.”

“We found CyberSecuriti to be a great partner to work with overall, but especially when it came to our DevSecOps tooling. While their CyberSecuriti dashboard provides a rich set of test metrics, for our DevSecOps process, we needed information at the developer’s fingertips, not behind an authentication wall. Constantly making developers search through logs from alternate websites was a non-starter for us. CyberSecuriti worked with us to provide vulnerability information directly into the defect tracking software. This provided developers with all the information needed to debug and identify the source of the defect, resulting in faster closure rates for privilege escalation related defects. Further, the CyberSecuri tooling would automatically closed existing defects if the playbooks passed on their subsequent runs, resulting in reduced project management overhead for managing defects.”

Results

“With CyberSecuriti as a partner, our privilege escalation testing was put together in under a month, resulting in a great return on investment as the total cost is well below the cost of a single security test engineer.”

Matt Jenks
CTO, CTIO
Griffin Group Global

“FX Labs provided exceptional support to us throughout the on-boarding and configuration stages. Their capabilities got us testing our APIs for a broad range of vulnerabilities in a very short period of time. This allowed us to focus our valuable resources on working with our Engineering teams instead of building complex test cases for our APIs.”

Tim Dzierzek
Director, Information Security
Seismic

“The level of automation and depth of feedback is unparalleled. Any company leveraging the power of restful API’s should consider making sure they are secure with these guys!”

Ahren Posthumus
Application Security Specialist
Jumo

Hurry, we're offering a 20% Holiday Discount on APISec™ between November 20, 2019 to January 1, 2020 Avail Discount
+ +