• Share
  • Email
  • Embed
  • Like
  • Private Content
Case Study: How Wiredrive Stays Compliant & Secure With Checkmarx
 

Case Study: How Wiredrive Stays Compliant & Secure With Checkmarx

on

  • 448 views

When a cloud media sharing service needs to secure their most important media assets and stay compliant, who can they turn to? Wiredrive chose Checkmarx, which enabled them to integrate with its ...

When a cloud media sharing service needs to secure their most important media assets and stay compliant, who can they turn to? Wiredrive chose Checkmarx, which enabled them to integrate with its Continuous Integration SDLC cycle for ongoing and continuous scanning.

Statistics

Views

Total Views
448
Views on SlideShare
448
Embed Views
0

Actions

Likes
0
Downloads
1
Comments
0

0 Embeds 0

No embeds

Accessibility

Categories

Upload Details

Uploaded via as Adobe PDF

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

    Case Study: How Wiredrive Stays Compliant & Secure With Checkmarx Case Study: How Wiredrive Stays Compliant & Secure With Checkmarx Document Transcript

    • Case study – Wiredrive About the Company Wiredrive (www.wiredrive.com) is the cloud media sharing service of choice for the world's largest advertising, entertainment and consumer marketing companies. Production, sales and marketing teams trust Wiredrive to simplify the logistics of creativity and securely manage their most important media assets. Wiredrive brings people and media together in a shared space where hard work and great ideas blossom into amazing things. Wiredrive is a fast-growing, profitable and privatelyowned company founded in 1999. The Wiredrive team consists of 35 employees and has offices in the media capitals of Los Angeles, New York, San Francisco and London. The Requirements  Wiredrive is preparing for SSAE16 compliance and needed a suite of tools to validate secure coding best practices.  Wiredrive’s Enterprise clients required recurring penetration tests and static code scans to audit the platform’s security.  Wiredrive needed an internal solution that integrates with its Continuous Integration (CI) SDLC process, which uses Atlassian's Bamboo and GIT as the source repository.  The solution needed to scan a large web application consisting of PHP, JavaScript, and Python.  Wiredrive needed to scan its WordPress plugin and sample code. The Alternatives During the evaluation process, Wiredrive reviewed several open source solutions that failed to locate known vulnerabilities. Wiredrive asked their Enterprise customers’ security departments for security audit recommendations. After additional research, Wiredrive realized that the recommended security vendors were frequently using Checkmarx. When one of Wiredrive's major customers specifically recommended Checkmarx, they decided to evaluate the product. The Checkmarx Selection Wiredrive found Checkmarx's CxCloud solution to be very easy to use. As a first step, Wiredrive tested its WordPress plugin and identified one unknown vulnerability. The test was easy to perform because CxCloud integrated directly with Github. CxCloud showed the complete attack vector and recommended the best fix locations in the code. Wiredrive ran their second test to validate their custom framework, which revealed both known and unknown vulnerabilities. Since Checkmarx met all evaluation requirements, Wiredrive signed up. Checkmarx Ltd. Tel: 917-470-9501 (US) contact@checkmarx.com www.checkmarx.com
    • “ The Implementation As a first pass, Wiredrive uploaded the code base directly to CxCloud and ran a full scan. The QA team grouped the results and prioritized remediation. The initial scans found vulnerabilities in the deprecated code, which was quickly addressed. Wiredrive successfully integrated Bamboo with the Checkmarx CLI interface with the help from the Checkmarx's support team. This let developers fix bugs and see the number of vulnerabilities decrease on an ongoing basis. Now, Wiredrive runs a full scan on every build to make sure that new code adheres to secure coding best practices. This process satisfies their most demanding Enterprise customer requirements. The Bottom Line The sales cycle and product evaluation was simple and straightforward. The Checkmarx team was prompt and helpful throughout the entire sales and onboarding cycle. Technologically, the product exposed unknown vulnerabilities for remediation. Wiredrive’s management team finds Checkmarx executive reports simple and easy to understand. Finally, Wiredrive’s Enterprise customers have responded positively by signing up additional departments and referring new customers. Checkmarx plays a fundamental role in hardening our web application. Exploits are becoming more sophisticated and Checkmarx is our first line of defense. Daniel Bondurant, CTO Wiredrive.com " Checkmarx Ltd. Tel: 917-470-9501 (US) contact@checkmarx.com www.checkmarx.com