The Challenge for NZZ

With a large amount of critical assets exposed to the internet, NZZ needed an advanced network security tool to protect their assets 24/7 and secure the highly dynamic media operation without slowing down new releases to the websites. They used a pen test partner before Outpost24 and it wasn’t sufficient to protect their external networks and web applications on a continuous basis, as the testing frequency cannot keep up with their release cadence for the dynamic online media outlets, so NZZ needed a solution that could work ‘with’ rather than ‘against’ their fast development cycles.

After a thorough vendor selection process NZZ chose Outpost24’s network security scanner Outscan and dynamic application security (DAST) scanner Scale for its ease of integration and expansive security coverage. The automated scanning solutions allow the NZZ team to carry out vulnerability assessment and regular releases with the backing of evidence-based security insights.

“Continuous and automated vulnerability scanning from Outpost24 helps the security team at NZZ to spot security anomalies and triage them for remediation in a proactive manner. Without their tools, we wouldn’t have the level of visibility and insights into imminent threats that could disrupt our high demand media operations.”

NZZ benefits from automated scanning that continually checks for known vulnerabilities, with minimal impact to production. They can be confident that any critical issues discovered are flagged immediately for remediation, which is important for a media business delivering highly dynamic content in real-time. This removes the security bottleneck and ensures the security team is able to take a proactive approach to vulnerability management without getting in the way of development, which is essential for ensuring their online audiences receive the best experience at all times.

Erich comments, “The Outpost24 platform saves us time. The alerting feature means I can investigate any issues when notified, which is set up to match our business parameters and filter out irrelevant findings that clog up my inbox, helping my small team with multiple responsibilities to better collaborate with DevOps and prioritize vulnerabilities more coherently”.

Reporting and workflow efficiency are key to driving collaborations

The reporting function is vital for Erich and his team, as it enables them to quickly draw conclusions from the data and take the right actions in a guided approach. The report groups critical vulnerabilities by OS, server or port so they can quickly identify what needs to be fixed and where their biggest risks are. NZZ understands that keeping on top of every vulnerability is not possible, so Erich relies on Outpost24’s advanced reporting data to make smarter and faster decisions on remediation priorities to optimize resources and deliver a return on investment.

Effective remediation and reporting go hand in hand, and without the solution-based reports the team would have to spend hours looking through the data themselves. Erich continues “the information is easy to understand and is presented in a way that’s suitable for technical engineers as well as managers in a business context. It’s a real benefit being able to share the information with my colleagues across the business in pdf and csv which is very effective for our own reporting.”

The Outpost24 platform has been integrated and embedded into their security workflow over the past three years and Erich has seen huge benefits including time saved and improved understanding of vulnerabilities effecting his business with the support of the technology and customer success.

He explains, “Automation is king and Outpost24 engineers are extremely helpful in providing the right guidance and tips when we need it most. Having direct access to the Outpost24 support team is an invaluable tool for us, whether we have a platform or app question – they are able to provide the trusted answer at the right time.”