Protecting and securing a fast-growing web-based application business
How Outpost24 helped EasySignup achieve continuous security with automated application security testing.
Industry: Event Management Software Customer Since: 2019 Products: SWAT
Maintain high availability and avoid business disruption
EasySignup provide a web-based application for events managers and since its launch in 2012 has evolved into a fully loaded event management tool for events professionals looking for a simpler and safer way to process registrant’s data that’s aligned with GDPR regulations. The app works by helping customers manage and run meetings and conferences more efficiently and process delegates data more securely. Moving away from the traditional approach of using spreadsheets, which is an inefficient use of time and could lead to data issues.
It’s critical for the product to be available to their users at all times as a ‘live’ event web application. Any issues or downtime could lead to significant loss in revenue and customer churn as EasySignup relies on subscription revenue. It’s therefore imperative for the company to ensure potential security issues are spotted early and resolved before their business could be disrupted and impact client retention.
Growing pain to ensure continuous security
The IT team are responsible for managing multiple projects at a time, including the day to day operation of the application, development, testing, deployment and ensuring all IT systems are running smoothly. As a team they’re aware of the risks and are proactive in their security testing approach when time and resource allow. However, as the company expands and their user base grows, the team are finding it increasingly difficult to deal with the sheer volume of software vulnerabilities whilst keeping on top of the daily operations.
EasySignup also use a managed hosting provider to outsource servers, which brings additional security complexities. Introducing a third party, increases their risk exposure so it was essential that they have complete control and oversight of any vulnerabilities to ensure there are no security holes that could impact the product performance and availability. With this they turned to Outpost24 for help to create a longer term and more sustainable testing strategy to ensure all vulnerabilities were being identified, logged, and investigated.
Boost customer confidence with security and data compliance
Data protection laws in Europe have changed the way the events sector manages and stores customers data. EasySignup has a responsibility to show their customers that the tool is capturing and processing data securely and helping them to meet GDPR compliance, which is rubber stamped for customers to use for their own auditing purposes.
After meeting with Outpost24 they took the decision to invest in SWAT, our continuous application testing solution, to prove the robustness of their security and ensure any threats are spotted early and provides 24x7 visibility of all risks which could impact their business and customers.
Reaping the benefits of automated application security testing
EasySignup utilise the expertise of Outpost24’s automated scanning tool to test and secure their system around the clock. As new developments are being made to the application, Thomas Kjærgaard and his team needed the assurance that every change is checked and tested before moving forward with releases.
“When we release new functionality, it is fully checked and tested by the Outpost24 team. They try to find security holes in what we have created. They found issues in the platform right from the start in the first test, where some of them were previously undetected, so we knew we made the right decision to use a vulnerability assessment tool like SWAT.”
“Since utilizing SWAT we feel more confident that our system is secure. We use the alerting tool when new vulnerabilities are detected, which are verified by experts so I have a better conscience that we will catch most vulnerabilities.”
“We’ve seen a very positive response since using the SWAT service from Outpost24. You run the tests when we need them, and you find and verify results for better security.”
As part of the solution, regular pen tests conducted by Outpost24’s ethical hacking team has also uncovered unknown vulnerabilities that had previously gone undetected. By testing and scrutinizing development updates for vulnerabilities, SWAT provides EasySignup with a greater view and context of all risks:
- Continuously test for vulnerabilities which would otherwise go undetected
- Email alerts to security flaws and in-depth details on new issues for fast remediation
- Helps with prioritization through the interactive logging and dashboard
- In-depth analysis and insight around new vulnerabilities
- Full visibility and reporting of vulnerabilities for robust audit trail
Secure apps lead to happy customers
As businesses struggle to keep up with new threats posed by hackers, it’s important to know there are cost effective solutions available that provide a 360-degree view of risks by doing the hard work for you. Since using Outpost24, Thomas has seen more comprehensive reporting of vulnerabilities and a reduction in their overall risk exposure. “I highly recommend Outpost24 for your security testing and you will see an immediate impact that empowers your staff and builds a secure future. The outcome is good and offers very good value.”