AWESOME CUSTOMER SUCCESS STORY
Change.org Brings in Dev-First Security Solutions to Improve Security Posture
BACKGROUND
Change.org recognized the need to formalize its security processes. Prior to this, individual engineers were handling security in isolation, leading to inconsistencies in scanning and addressing vulnerabilities. The team needed a way to improve their security posture and effectively protect their platform and users at scale. This lack of standardization prompted Change.org’s security team to seek effective partners. Enter Snyk and StackHawk.
Use Case: Formalize their security process
Industry: Nonprofit-Owned Public Benefit Corporation
Company: Change.org
Location: San Francisco, USA
Having tools like Snyk and StackHawk that align with Change.org’s rapid development and deployment ethos is crucial for maintaining the trust of users.
— Will Whittaker, Principal Security Engineer
THE PROBLEM
As a software company operating primarily as a website, Change.org’s core is its code. Insecure or vulnerable code poses significant risks, especially when dealing with critical petitions and the sensitive data of millions of daily users. Addressing this challenge became a top priority for the security team.
THE SOLUTION
Change.org, hosted on AWS, integrated Snyk’s Static Application Security Testing (SAST) with StackHawk’s Dynamic Application Security Testing solution. Change.org can now seamlessly test code for security issues prior to deployment, enabling engineers to “shift left” by finding and fixing vulnerabilities before they reach production and improving operational efficiency.
THE RESULTS
Vulnerabilities have decreased, empowering the security team to swiftly identify and remediate issues. This not only protects the platform but also safeguards the millions of users who trust Change.org with their data and impactful petitions.
The integration of Snyk and StackHawk has proven invaluable for Change.org. Previously lacking standardization in security practices, the adoption of these solutions improves the team’s security posture and gives the Change.org security team the ability to effectively protect their platform and users at scale. This transformation not only significantly reduced the number of vulnerabilities across the website and backend but also bolstered protection for Change.org’s millions of daily users. With sensitive user data and impactful petitions at stake, ensuring robust security measures is paramount.
Moving forward, Change.org remains committed to leveraging Snyk and StackHawk’s offerings. Actively participating in beta testing and collaborating on product enhancements, Change.org recognizes the symbiotic nature of this partnership. By contributing to the improvement of Snyk and StackHawk’s solutions, Change.org simultaneously strengthens its own security posture. Change.org views this collaboration as an extension of their capabilities, fostering a mutually beneficial relationship for all parties involved.
About Change.org
Change.org, the world’s largest tech platform for social change, serves as a global hub for over half a billion individuals passionate about making a difference. Users create and sign petitions on issues ranging from local concerns to global challenges, aiming to impact communities and shape a better world.