Application security framework helped global telecom company accelerate its shift security left strategy
Founded 30 years ago, this telecommunications company has become a leading provider of wireless services in North America. Offering flexible, competitive services, the company has almost 115 million customers and generates approximately $80 billion in revenue annually.
Need for a security orchestration platform.
Enterprise is using different control validation tools to support several types of conformances checks and it is especially important to automate onboarding of thousands of code repositories to these tools. This is only possible through integrating scans in the CI/CD pipeline. The custom platform will take care all the steps in pre onboarding phase and will also help in extracting results from various tools and make it available to end users with access controls in place.
Implemented comprehensive, security orchestration platform.
With guidance from DevOps, software engineering, and security experts at UST, the client augmented its application development ecosystem with a robust, cloud-native, cost-effective orchestration platform comprised of:
- Portal - this user-friendly portal acts as a single place for application teams to leverage various features provided in the platform like, manual onboarding of applications to various scan programs, detailed information of issues found during scanning, documentations etc.
- Analytical Platform - Leadership team can use this platform to assess the security posture of their applications and take informed decisions based on real data.
- Report generation tools - Security validation reports generated by Security Engineers using these in-built tools to help application team to remediate significant vulnerabilities exposed during manual DAST testing.
- Long term data generation and extracts - All scan results saved in long term storage devices and various extracts generated to support organizational compliance programs.
- A common API repository - Data available in the platform is available for external consumption implemented by providing APIs.
This platform saved lot of costs during onboarding process when new scanning tools are available as well as its analytical platform is helping leadership team to take informed decision based on real time data.