Seamless automation security services delivered across SDLC for continuous improvement

The client is a multinational conglomerate corporation focused on health technology.

Challenges:

• No Defined security process in place across the SDLC
• Lack of CI-CD best practices across applications prior to each deployment
• Lack of compliance and regulatory adherence
• Lack of defined security process
• No shift left strategy implemented across SDLC for security assessment activities
• Ad-hoc security assessment activities performed

Solution:

• Defined process for enabling security in sprints and testing phases
• Automating manual security tasks for assessment activities across application security, thereby leading to effort optimization
• Integrating security tools across the CI/CD pipeline
• Provided security view of application from each deployment of new code in any environment
• Mindtree’s security team implemented in-sprint CI/CD based security testing execution
• Enabling client shift left strategy across SDLC
• Shift left strategy and process provided teams an early eye on the security vulnerabilities
• Continuous implementation of new testing methodologies, e.g., Guided DAST, Guided WSST

Benefits:

• Leveraging the automation capabilities, the security team was able to reduce the effort of dynamic security testing by 65%
• Increased vulnerabilities identification across SDLC by 300%
• Enabled shift left strategy across multiple client projects
  

Download case study to know more