Download PDF
Improving Security and Efficiency while Reducing Risk: A Case Study on CM.com
Technology Category
- Application Infrastructure & Middleware - Middleware, SDKs & Libraries
- Cybersecurity & Privacy - Application Security
Applicable Industries
- Equipment & Machinery
- National Security & Defense
Applicable Functions
- Product Research & Development
- Quality Assurance
Use Cases
- Cybersecurity
- Tamper Detection
Services
- Cybersecurity Services
- Testing & Certification
The Challenge
CM.com, a global leader in cloud software for conversational commerce, was struggling with its application security strategy. The company's primary application security strategy consisted of penetration testing and static application security testing (SAST). However, these tools consumed considerable time on the part of both the security team and the development teams. The reports generated from these tests had to be analyzed by the security team, and a ticket would be created for each vulnerability that needed to be fixed. This process often resulted in days of delay before developers received feedback on what to do. These security-related delays created friction in the development process and increased complications and delays tied to fixing vulnerabilities that were identified in the process. They also resulted in resentment on the part of developers. Furthermore, the scan and penetration reports revealed that there was a great deal of room for improvement in the quality of the outputs of the development process.
About The Customer
CM.com was founded in 1999 by Jeroen van Glabbeek and Gilbert Gooijers as ClubMessage. The company introduced group SMS messaging to the marketplace. Early customers included discotheques in the Benelux region, which engaged with their customers by texting out information about guest DJs, timetables, contests, discounts, and more weekend news. More than two decades later, CM.com has become a global leader in cloud software for conversational commerce that enables businesses to deliver a superior customer experience. Their communications and payments platform empowers marketing, sales, and customer support to automate engagement with customers across multiple mobile channels, blended with seamless payment capabilities that drive sales, gain customers, and increase customer happiness.
The Solution
To improve the application security architecture, CM.com decided to roll out a secure software development life cycle (SDLC) initiative. The company identified Contrast Security as a possible solution. Contrast Security offered a comprehensive DevSecOps approach with its automated Application Security Platform. This platform had the ability to continuously monitor application code using instrumentation. This allowed developers to receive immediate feedback when a vulnerability was detected, including actionable information about how to fix it. CM.com purchased licenses for Contrast Assess and integrated it into various development tools used by the development team. To overcome initial resistance from developers, CM.com added application security metrics to the key performance indicators (KPIs) by which developers were evaluated. The company also acquired a license for OSS to start working on securing their open-source libraries. With Contrast SCA, CM.com could see at a glance open-source code that is used by an application, what vulnerabilities exist in those active libraries and classes, and which libraries need to be updated.
Operational Impact
Quantitative Benefit
Related Case Studies.
Case Study
Smart Water Filtration Systems
Before working with Ayla Networks, Ozner was already using cloud connectivity to identify and solve water-filtration system malfunctions as well as to monitor filter cartridges for replacements.But, in June 2015, Ozner executives talked with Ayla about how the company might further improve its water systems with IoT technology. They liked what they heard from Ayla, but the executives needed to be sure that Ayla’s Agile IoT Platform provided the security and reliability Ozner required.
Case Study
IoT enabled Fleet Management with MindSphere
In view of growing competition, Gämmerler had a strong need to remain competitive via process optimization, reliability and gentle handling of printed products, even at highest press speeds. In addition, a digitalization initiative also included developing a key differentiation via data-driven services offers.
Case Study
Predictive Maintenance for Industrial Chillers
For global leaders in the industrial chiller manufacturing, reliability of the entire production process is of the utmost importance. Chillers are refrigeration systems that produce ice water to provide cooling for a process or industrial application. One of those leaders sought a way to respond to asset performance issues, even before they occur. The intelligence to guarantee maximum reliability of cooling devices is embedded (pre-alarming). A pre-alarming phase means that the cooling device still works, but symptoms may appear, telling manufacturers that a failure is likely to occur in the near future. Chillers who are not internet connected at that moment, provide little insight in this pre-alarming phase.
Case Study
Premium Appliance Producer Innovates with Internet of Everything
Sub-Zero faced the largest product launch in the company’s history:It wanted to launch 60 new products as scheduled while simultaneously opening a new “greenfield” production facility, yet still adhering to stringent quality requirements and manage issues from new supply-chain partners. A the same time, it wanted to increase staff productivity time and collaboration while reducing travel and costs.
Case Study
Integration of PLC with IoT for Bosch Rexroth
The application arises from the need to monitor and anticipate the problems of one or more machines managed by a PLC. These problems, often resulting from the accumulation over time of small discrepancies, require, when they occur, ex post technical operations maintenance.
Case Study
Robot Saves Money and Time for US Custom Molding Company
Injection Technology (Itech) is a custom molder for a variety of clients that require precision plastic parts for such products as electric meter covers, dental appliance cases and spools. With 95 employees operating 23 molding machines in a 30,000 square foot plant, Itech wanted to reduce man hours and increase efficiency.
