Case Study

Critical Vulnerabilities Remediated for Global Car Rental Company

challenge

Expansion Brings Additional Scrutiny

A leading global car rental company recently expanded the footprint of one of their customer-facing applications to make it available outside of the United States. This expansion along with the appointment of a new Chief Information Security Officer (CISO) placed additional scrutiny on application-level security vulnerabilities. Our client didn’t have a dedicated resource to address these issues and was relying on members of their team as they had availability between projects. They needed a faster way to remediate any vulnerabilities without compromising their overall throughput and delivery.

solution

Vulnerabilities Identified

After a number of vulnerabilities were identified including clickjacking, cross-site scripting and cryptography, our team put them into JIRA to manage the backlog of tickets required for remediation. Co-located teams of developers and quality assurance testers provided dedicated and focused effort to quickly remediate and deploy fixes to the legacy code.

results

Over a 50% Improvement in Time to Remediate

Within four months of engagement, a backlog of 90 vulnerabilities were remediated across a risk management suite of products. Newly discovered vulnerabilities, half of which were classified as high/critical risk, were being remediated in under 20 days; this was down from 45 days, delivering over a 50% improvement in time to remediate.

“The speed in which Rural Sourcing has remediated our past and present vulnerabilities makes it easier for us to sleep at night.” - Director of Information Security, Global Car Rental Company

The speed in which Rural Sourcing has remediated our past and present vulnerabilities makes it easier for us to sleep at night.

— Director of Information Security, Global Car Rental Company
Related Case Studies
See All Case Studies
case_study
Sep 26, 2022

Modernized Applications Improve Quality of Care for Senior Citizens

Two large healthcare technology providers had recently merged into one comprehensive platform for managing payments and care programs. Their combined product portfolio needed to be updated to align with a modern .NET tech stack to eliminate technical debt. Learn how we quickly scaled up a Scrum-as-a-Service TM team to enhance and support our client’s legacy application.

Read More
case_study
Aug 30, 2022

Improved Growth and Scale Through Application Modernization

TeachTown needed to modernize their core applications and infrastructure so that as their business grew, the applications could scale with them. We brought the capabilities, mindset and cross-functional team to make it happen.

Read More
case_study
Jul 28, 2022

Regulatory Compliance Gap Quickly Closed for Large Industrial Services Provider

A leading provider of industrial services worldwide needed to fill a critical labor law compliance gap with their HR payroll processing. We created a highly usable and efficient platform to track  the massive amounts of data for its 15,000+ American employees. In just 9 months, the company reached regulatory compliance.

 

Read More
case_study
Jun 8, 2022

Global Logistics Company Gets to Market First With Customer-Facing Application

Our client, a global logistics company, needed to introduce a cloud-based customer-facing application to allow customers to view their scheduled trailer requests and submit ad hoc requests in the event of volume spikes. Speed-to-market was essential as none of their competitors had a similar application, so they wanted to be the first to market with it.

Read More
See All Case Studies