Contrast Security Case Studies Enhancing Security of Modern Software in Financial Services: A Case Study of a U.S. Regional Credit Union

Edit This Case Study Record

	Enhancing Security of Modern Software in Financial Services: A Case Study of a U.S. Regional Credit Union Contrast Security

Enhancing Security of Modern Software in Financial Services: A Case Study of a U.S. Regional Credit Union

Contrast Security

Technology Category	Application Infrastructure & Middleware - Event-Driven Application Cybersecurity & Privacy - Application Security
Applicable Industries	Finance & Insurance National Security & Defense
Applicable Functions	Product Research & Development Quality Assurance
Use Cases	Experimentation Automation Tamper Detection
Services	System Integration Testing & Certification
Challenge	The U.S. based regional credit union, serving nearly 100,000 customers in rural communities, was facing challenges in delivering and securing modern software applications to protect customers’ private financial data. Prior to working with Contrast Security, the credit union’s application security efforts were ad hoc with periodic penetration testing and content analysis highlighting issues post-development. The credit union’s developers produce a significant amount of custom code that they release relatively frequently. Identifying vulnerabilities with traditional scanning tools was a challenge, as the tools generated a high number of false positives. The company also wanted to deploy Contrast in Dev/QA in order to identify potential vulnerabilities early in the SDLC and create a baseline. Additionally, prior to the installation of Contrast Protect, the credit union was potentially vulnerable to attacks. Read More
About Customer	The U.S. based regional credit union is one of the largest financial institutions dedicated to serving farmers and rural residents. As part of the nationwide credit system and with nearly 100,000 customers throughout the rural communities of the U.S., they work to promote growth and competitiveness in agricultural and rural communities across the country. This customer-first approach helps U.S. agricultural producers feed the world, strengthen the rural economy, and provide jobs that help rural families thrive. This financial institution is committed to evolving processes in digital transformation to meet the needs of its customers today and well into the future. In the current business climate, that equates to protecting its customers’ sensitive financial data with secure software solutions. Read More
Solution	The credit union partnered with Contrast to increase its security posture and build upon its application security testing. Contrast helps the company’s developers to proactively manage custom code to mitigate vulnerabilities and risk, while preventing cyberattacks that could lead to a data breach. The company utilizes both Contrast Assess and Contrast Protect, as it evolves toward more rapid and automated Agile DevOps processes, across the entire software development life cycle (SDLC). Contrast Assess helped this regional credit union identify vulnerabilities in custom code and instruct developers on how to remediate them. Additionally, with Contrast Protect, this company can accurately block attacks in real-time, across all environments. Contrast Assess deploys agents via instrumentation that become part of the application portfolio to provide 24/7 monitoring. These agents are constantly assessing vulnerabilities in all stages of the SDLC. Contrast Protect provides detailed information on attacks, tackles issues associated with malicious activity, and stops unknown exploits using Runtime Application Self-Protection (RASP). Read More Log in to view content
Contents

Technology Category

Application Infrastructure & Middleware - Event-Driven Application

Cybersecurity & Privacy - Application Security

Applicable Industries

Finance & Insurance

National Security & Defense

Applicable Functions

Product Research & Development

Quality Assurance

Use Cases

Experimentation Automation

Tamper Detection

Services

System Integration

Testing & Certification

Challenge

The U.S. based regional credit union, serving nearly 100,000 customers in rural communities, was facing challenges in delivering and securing modern software applications to protect customers’ private financial data. Prior to working with Contrast Security, the credit union’s application security efforts were ad hoc with periodic penetration testing and content analysis highlighting issues post-development. The credit union’s developers produce a significant amount of custom code that they release relatively frequently. Identifying vulnerabilities with traditional scanning tools was a challenge, as the tools generated a high number of false positives. The company also wanted to deploy Contrast in Dev/QA in order to identify potential vulnerabilities early in the SDLC and create a baseline. Additionally, prior to the installation of Contrast Protect, the credit union was potentially vulnerable to attacks.

About Customer

The U.S. based regional credit union is one of the largest financial institutions dedicated to serving farmers and rural residents. As part of the nationwide credit system and with nearly 100,000 customers throughout the rural communities of the U.S., they work to promote growth and competitiveness in agricultural and rural communities across the country. This customer-first approach helps U.S. agricultural producers feed the world, strengthen the rural economy, and provide jobs that help rural families thrive. This financial institution is committed to evolving processes in digital transformation to meet the needs of its customers today and well into the future. In the current business climate, that equates to protecting its customers’ sensitive financial data with secure software solutions.

Solution

The credit union partnered with Contrast to increase its security posture and build upon its application security testing. Contrast helps the company’s developers to proactively manage custom code to mitigate vulnerabilities and risk, while preventing cyberattacks that could lead to a data breach. The company utilizes both Contrast Assess and Contrast Protect, as it evolves toward more rapid and automated Agile DevOps processes, across the entire software development life cycle (SDLC). Contrast Assess helped this regional credit union identify vulnerabilities in custom code and instruct developers on how to remediate them. Additionally, with Contrast Protect, this company can accurately block attacks in real-time, across all environments. Contrast Assess deploys agents via instrumentation that become part of the application portfolio to provide 24/7 monitoring. These agents are constantly assessing vulnerabilities in all stages of the SDLC. Contrast Protect provides detailed information on attacks, tackles issues associated with malicious activity, and stops unknown exploits using Runtime Application Self-Protection (RASP).

Impact #1	By leveraging Contrast’s platform, this regional credit union has transformed its resource-intensive, ad hoc security effort into an integrated and proactive application security strategy that more effectively protects sensitive customer data while reducing costs. Application security is integrated into code without the need for security experts. Contrast Assess arms developers with accurate, real-time feedback via integration with messaging tools such as Slack, and standard development bug tracking tools and processes. Contrast provides actionable recommendations for developers so they can quickly remediate on exactly where and how to fix vulnerabilities within the code. Contrast Protect provides additional and continuous protection of production code through automated attack blocking. Contrast’s platform with Assess and Protect provides this financial services company a layered modern security model at the speed of rapid DevOps processes to meet customer needs and scale for the future.

Impact #1

By leveraging Contrast’s platform, this regional credit union has transformed its resource-intensive, ad hoc security effort into an integrated and proactive application security strategy that more effectively protects sensitive customer data while reducing costs. Application security is integrated into code without the need for security experts. Contrast Assess arms developers with accurate, real-time feedback via integration with messaging tools such as Slack, and standard development bug tracking tools and processes. Contrast provides actionable recommendations for developers so they can quickly remediate on exactly where and how to fix vulnerabilities within the code. Contrast Protect provides additional and continuous protection of production code through automated attack blocking. Contrast’s platform with Assess and Protect provides this financial services company a layered modern security model at the speed of rapid DevOps processes to meet customer needs and scale for the future.

Benefit #1	Significantly reduced costs related to third-party penetration testing, static content analysis, and dynamic analysis security testing.
Benefit #2	Substantial reduction in the time it takes to achieve its business outcomes.
Benefit #3	Reduced false positives in vulnerability detection.

Benefit #1

Significantly reduced costs related to third-party penetration testing, static content analysis, and dynamic analysis security testing.

Benefit #2

Substantial reduction in the time it takes to achieve its business outcomes.

Benefit #3

Reduced false positives in vulnerability detection.

Download PDF Version

Overview

Enhancing Security of Modern Software in Financial Services: A Case Study of a U.S. Regional Credit Union

Operational Impact

Quantitative Benefit