Recently, we began working with a well-known global payments technology company. This has been exciting because this company truly understands why good application security practices need to be embedded in the development process.
The secure application development process is frequently referred to as the Secure Software Development Life Cycle (SSDLC). In theory, it seems obvious to require that developers only create secure apps from the get-go, but vulnerabilities and attack vectors are constantly evolving so implementing an SSDLC is not an easy feat.
This global payments company has invested heavily in creating an SSDLC. Prevoty's real-time application security monitoring and protection capabilities fit right in. In this case study, we talk to Fares Alraie, the company's Senior Director of Product Security & Assurance, about:
- challenges and risks in the payment industry
- inevitable human error in software development
- the need for standardized, multi-language compatible security
- what it was like to partner with Prevoty
Prevoty now helps the payments company release secure new applications and protect existing ones in production.
“Using Prevoty not only makes us feel more at ease, but it actually also makes us feel more precise. [...] Now, our applications tell us, ‘Look, I got attacked. Here’s the field that they used to attack me. Here’s what I was able to do to protect myself."
- Fares Alraie, Senior Director of Product Security & Assurance