Enhancing Application Security for Cvent with Data Theorem

• Application Infrastructure & Middleware - Event-Driven Application
• Cybersecurity & Privacy - Application Security

• Equipment & Machinery
• National Security & Defense

• Product Research & Development
• Quality Assurance

• Inventory Management
• Tamper Detection

• Cloud Planning, Design & Implementation Services
• Cybersecurity Services

Cvent, a leading meetings, events, and hospitality management technology provider, was facing challenges with the security of their applications. The applications were created using open-source tools, and the security process was largely manual. This made it difficult for the development team to accelerate their code development and release cycles while ensuring the security of each release in pre-production. Additionally, Cvent was struggling with conducting third-party checks on partners. While compliance checklists and audits were in place, they only captured a snapshot of a partner's commitment to security at a given time. This left Cvent and their partners vulnerable to security incidents from connected devices or phishing emails. Prior to Data Theorem, Cvent relied on penetration testing audits to expose vulnerabilities. However, the high costs and limited coverage of this methodology made it an inadequate solution. Cvent wanted application security to be a critical part of their daily development process.

Cvent is a leading meetings, events, and hospitality management technology provider with over 4,000 employees, 30,000 customers, and 300,000 users worldwide. The company offers software solutions to event planners and marketers for online event registration, venue selection, event management and marketing, onsite solutions, and attendee engagement. Cvent's suite of products automate and simplify the planning process to maximize the impact of events. The company, founded in 1999, is a privately held SaaS company. Their solutions optimize the entire event management value chain and have enabled clients around the world to manage millions of meetings and events. More recently, they have excelled at helping organizations to host virtual events, scaling and automating the registration and presentation streaming capabilities.

Data Theorem's application security solution provided Cvent with the ability to automate the testing process on an ongoing basis. The solution was integrated into all stages of the development process, providing constant findings and feedback. Every change was analyzed automatically, and teams were alerted and provided with secure code fixes if vulnerabilities were found. Cvent established a set of success factors for the solution, including scan accuracy, platform support for IOS and Android, easy integration with build systems, the ability to scan apps directly from the Appstore, and a focus on the vendor product roadmap and customer. Data Theorem met all these requirements, enabling Cvent to discuss AppSec findings with their customers in product engagement meetings.

• With the implementation of Data Theorem's application security solution, Cvent now has a dedicated vulnerability management process. This has not only improved the security of their applications but also integrated seamlessly into their software development lifecycle, enabling the development team to accelerate their code development and release cycles. The solution's ability to provide constant findings and feedback has allowed Cvent to be proactive in addressing vulnerabilities, thereby reducing the risk of security incidents. Furthermore, the solution's ability to identify any App Store blockers before going into production has streamlined the app release process, ensuring a smoother user experience.

• Data Theorem discovered more issues than the previously-used external penetration tests.

• Data Theorem now identifies any App Store blockers before going into production.