Case Study

Closing the Loop: Making Security Everyone’s Business with Prioritization & Collaboration


Mendix, a Siemens business, is an industry-leading low-code application development platform that helps organizations build multi-experience, enterprise-grade applications at scale. More than 4,000 organizations in 46 countries use the Mendix low-code platform. An active community of over 300,000 developers has created over 950,000 applications.

The Challenge

As Mendix modernized its application lifecycle and transitioned to the cloud, the security team encountered challenges in:

  • Consolidating findings from multiple tools to improve assessment of technology risk
  • Identifying high-impact fixes earlier in the software pipeline
  • Communicating priorities effectively with engineering teams to improve collaboration and reduce their alert fatigue from the high volume of requests with limited context
  • Consistently enabling the “last mile” of remediation – assigning responsibility for the fix to the right owner in their software development teams

The result was significant inefficiency in risk prioritization, along with time-consuming manual effort to establish which teams and individuals in engineering were responsible for remediation fixes and to issue individual tickets for issues that shared a common fix.


Challenges
  • Maintaining a consolidated, contextualized view of risk posture and priorities across pipelines
  • Reducing the alert fatigue and backlog from fragmented tools
  • Determining which fixer or team was responsible for implementing a remediation
  • Providing the right level of context to improve how well software development teams understand security requirements
Results
  • Reduced manual reviews by 80%
  • Reduced time spent on prioritization efforts by 70%
  • Reduced time spent identifying and assigning fix responsibility by 80%
  • Automated the generation of individual tickets for hundreds of findings with a common fix, using Silk remediation campaigns
  • Increased the number of findings closed each month by 600%
  • Improved mean time to resolution from weeks to days