Our goal is to provide an environment where our products are safe-by-design. That means having our DevSecOps team focus on a shift-left approach where we use tooling to help fill the gap of security experts, while also involving the human element for efficient and precise triaging.
Allocate Software is focused on workforce planning in healthcare, enabling organizations to operate with greater flexibility and control over their day to day administrative tasks. As a company that operates in healthcare, Allocate Software must ensure that they have adequate security controls in place to keep their products safe and provide the most efficient experience possible for their customers.
Because Allocate Software is a global company that has customers who regularly deal with sensitive data, they knew that they needed a better way to keep their products updated and follow security best practices without breaking their existing workflows or straining teams.
Putting the proper security controls in place and actively monitoring the security state of our products prevents us from being exploited, which also creates fundamental trust and positive reputation with our clients.
As the majority of their products are web-based applications and have API integrations, it’s critical that their security experts lean on modern security tooling to cover every corner of their asset landscape. It’s also important that they can implement best practices that help close gaps in coverage and improve cross-team communication around the state of their security posture.
One of the biggest challenges that the Allocate Software team faced was scalability. No matter which solution they chose, they needed to make sure that they had the right resources in place to grow their security program over time and accurate tooling to help cover gaps in security expertise. That’s where Acunetix by Invicti and our partner Longwall Security came in.
We decided to go to Acunetix by Invicti and Longwall to purchase a product that will reduce manual efforts and fill security gaps with modern tooling.
When evaluating potential solutions, simplicity was also critical. Allocate Software needed a solution that would plug in seamlessly to close gaps and automate some of the more tedious processes that contribute to bottlenecks and deadline delays. With Acunetix by Invicti, they found that many processes were easily automated, such as generating reports, executing parallel scans, and triaging security flaws with greater clarity.
Allocate Software experienced several key benefits when they made the switch to Acunetix by Invicti. Not only did their penetration tests become easier to execute and more effective, but also they were able to quickly integrate security directly into their CI/CD processes for seamless implementation that provided more complete coverage.
Implementing Acunetix by Invicti in our processes saved us time and resources, filling the gap of security experts to make us more productive and focused. It also allowed our team to have fast-feedback on specific security countermeasures, and raised awareness of how important security aspects are in our products.
Allocate Software can now re-test their applications with a single click and generate bug tickets automatically into their issue tracker for faster prioritization and remediation. They have the flexibility to schedule and execute full scans in the GUI, or through pipelines. And with the ability to generate reports for various audiences, they now can share information about their security posture more widely with key stakeholders, cross-functional teams, and clients who are interested in the security of their products.
With the Acunetix by Invicti platform in their security arsenal, Allocate Software is able to meet all of their success metrics and KPIs. The scalability of Acunetix by Invicti’s solutions provides greater flexibility for their program to shift and grow so that they can continue to meet and exceed their security goals. By integrating these solutions into their CI/CD, they now have a capable, reliable extension of their security team that will help them deliver better and more secure products to healthcare customers.
"The issues detected were of major impact, if users/hackers would have found the security holes, they could have hacked an entire Joomla! site."
Robin Muilwijk Quality and Testing Team"A strong and comprehensive web vulnerability scanner that can be used to discover flaws in our customers’ web applications as well as first class support from Acunetix."
Jesper Helbrandt"Acunetix is used in a complementary way with other Web Scanners to achieve the best vulnerability detection coverage possible"
Nicolas Pougetoux Manager of the Audit Department