Case Study

Critical Vulnerabilities Remediated for Global Car Rental Company

challenge

Expansion Brings Additional Scrutiny

A leading global car rental company recently expanded the footprint of one of their customer-facing applications to make it available outside of the United States. This expansion along with the appointment of a new Chief Information Security Officer (CISO) placed additional scrutiny on application-level security vulnerabilities. Our client didn’t have a dedicated resource to address these issues and was relying on members of their team as they had availability between projects. They needed a faster way to remediate any vulnerabilities without compromising their overall throughput and delivery.

solution

Vulnerabilities Identified

After a number of vulnerabilities were identified including clickjacking, cross-site scripting and cryptography, our team put them into JIRA to manage the backlog of tickets required for remediation. Co-located teams of developers and quality assurance testers provided dedicated and focused effort to quickly remediate and deploy fixes to the legacy code.

results

Over a 50% Improvement in Time to Remediate

Within four months of engagement, a backlog of 90 vulnerabilities were remediated across a risk management suite of products. Newly discovered vulnerabilities, half of which were classified as high/critical risk, were being remediated in under 20 days; this was down from 45 days, delivering over a 50% improvement in time to remediate.

“The speed in which Rural Sourcing has remediated our past and present vulnerabilities makes it easier for us to sleep at night.” - Director of Information Security, Global Car Rental Company

The speed in which Rural Sourcing has remediated our past and present vulnerabilities makes it easier for us to sleep at night.

— Director of Information Security, Global Car Rental Company
Related Case Studies
See All Case Studies
case_study
Jan 17, 2023

Leading Streaming OS Provider Positions to be Leading Home OS Provider

Our client, a leader in smart TV operating systems, was looking to introduce a suite of products that would be a natural extension of their business and make them a leader in a second industry. These products would integrate things like home monitoring, custom lighting and smart power at a better value than what had previously been on the market. Our client needed to test their new devices in a broad array of consumer environments and complete end-user testing scenarios quickly in order to meet their tight launch deadline.

Read More
case_study
Dec 13, 2022

Cloud-based Automation Improves Data Quality and Time Savings

We automated this managed services provider’s cumbersome manual processes with a serverless application using Angular and AWS tools. This saved them hundreds of hours per year, reduced staff burnout, and allowed them to provide their clients data-driven consulting that otherwise would have been nearly impossible.

Read More
case_study
Oct 26, 2022

Innovative and Award-winning Digital Product

Our client, a Wisconsin-based financial services provider, was being acquired by a multinational conglomerate, due to the potential of their yet-to-be-launched, digital application. It would revolutionize the travel insurance industry, since at the time, if you wanted to purchase a travel insurance policy or file a claim, you’d have to do it over the phone, or in same cases, by mail.

Our product development team stepped in quickly and started meeting with the executive team to get a thorough understanding of the business goals and start building personas and fleshing out the buying cycle. They ended up developing an innovative, award-winning application with flexible, modern architecture and got it to market on-time, despite the tight timeline.

Read More
case_study
Sep 26, 2022

Modernized Applications Improve Quality of Care for Senior Citizens

Two large healthcare technology providers had recently merged into one comprehensive platform for managing payments and care programs. Their combined product portfolio needed to be updated to align with a modern .NET tech stack to eliminate technical debt. Learn how we quickly scaled up a Scrum-as-a-Service TM team to enhance and support our client’s legacy application.

Read More
See All Case Studies