HOME > CUSTOMERS + PARTNERS > CASE STUDIES: Service Provider: A Global Security Services Organization
Customer Case Studies
Service Provider: A Global Security Services Organization
Customer
A global leader in security consulting and managed services helping Fortune 500 companies address corporate security requirements, this firm helps their customers maximize the value of their information and network security investment.
Challenges:
The application security services teams needed to set up and obtain in-depth analysis of large code bases quickly. Because this organization's service offerings rely on precise and accurate results for their customers, they sought a solution that would allow them to spend less time doing code audits and less time analyzing results, allowing their security experts to provide actionable results, and move on to assessing higher level concerns as well.
Why They Chose Ounce:
Out of the box, the Ounce solution delivered accurate and deep analysis of diverse code, and deliver well-organized results with no false positives. Security experts found that they were able to rapidly audit code and provide the information to their customers in record time.
One of the unique capabilities of the Ounce solution was the ability to identify risks and vulnerabilities across groups of interactive applications. In addition to finding more common vulnerabilities, such as those covered by the OWASP Top Ten, Ounce also uncovered a broader range of policy violations and design flaws. This was a significant differentiator, and one that empowered security experts to deliver valuable insights into business risks across the application portfolio.
The ease with which the Ounce products could be deployed and used in various customer environments allowed service delivery to occur on schedule. Its proven scalability ensured that virtually any customer code base could be analyzed in a fraction of the time required by manual code audits or with other products. Accurate analysis and reporting, including zero false positives, allowed security experts to quickly understand the business risks for various types of business applications.
SIGN UP FOR OUR RISK
MANAGEMENT NEWSLETTER
"The analysis of the threat to an IT system must include an analysis of the vulnerabilities associated with the system environment"
