StackHawk
Hamburger Icon
alternativeText

Use Case

Operate Efficiently


Industry

Financial Services


Company

Maya


Location

Philippines

HAWKSOME CUSTOMER SUCCESS STORY

Maya partners with StackHawk

to automate DAST for web and

API security testing

BACKGROUND

As a heavily security regulated company by the local Filipino government, Maya is invested in the security of their platform and adhering to PCI-DSS compliance policies and procedures.

With their previous DAST solutions, the team ran into operational inefficiencies such as long scan times, high false positives, manual testing, and overall business delays, which also increased the potential for risk of bug/vulnerabilities undetected for periods of time. “Our scan times range from 20-30 minutes with StackHawk, compared to 20 minutes to 2 hours with our previous DAST solutions.”

Left Quote
Our scan times range from 20-30 minutes with StackHawk, compared to 20 minutes to 2 hours with our previous DAST solutions.
Right Quote
THE PROBLEM
THE PROBLEM

Business delays associated with long scan time frames, high false positives and risk of undetected vulnerabilities for periods of time.

THE SOLUTION
THE SOLUTION

Integrated StackHawk’s automated DAST solution into their CI tools enabling developers to detect and remediate vulnerabilities right away, even before any security audits.

THE RESULTS
THE RESULTS

Faster scan times, reduced time to remediate and increased developer productivity

CHOOSING A SOLUTION

With high developer adoption, the team at Maya wanted to ensure an application security testing solution aligned with their business goals of delivering applications faster to support the overall growth of the business. Understanding the importance of security testing early in the software delivery lifecycle, the team was focused on a solution that was purpose-built to integrate with existing DevTools like Jenkins and Gitlab CI. Additionally, the team was looking to automate DAST for web and API security testing.

“With StackHawk, being embedded in the pipeline it enabled our developers to detect and remediate the vulnerability right away even before any security audits, which reduces the time to remediate to only a few days compared to weeks before the implementation.”

image

EXPERIENCE WITH STACKHAWK

StackHawk has significantly increased operational efficiencies and speed to market by reducing manual testing with automated API calls and time spent between teams (Developers and DevSec) on triage and fix. Additionally, integrating StackHawk was seamless.

“StackHawk saves us a lot of hours (approximately 1.25 every day) doing back and forth calls to why and how a vulnerability should be fixed.”

With a larger number of Developers, Maya was able to integrate 65% in 4 months. Additionally, StackHawk continues to meet Maya’s compliance requirements, passing with flying colors with their ISO auditor.

Left Quote
With StackHawk, our scanning timeframes have decreased from days, seriously, and hours to minutes.
Right Quote
alternativeText

About Maya

Maya is the all-in-one money platform bringing Filipinos bolder ways to master their money. The company is powered by a unique integrated financial services ecosystem that addresses the ever-evolving needs of today’s generation of money makers through cutting edge technology. Maya leads millions of Fililpinos – consumers, businesses, communities, and government agencies alike – into a version of the current digital economy that’s more inclusive, transparent, and empowering than ever. Customers can conveniently pay, add money, cash out or remit through its over 380,000 digital touchpoints nationwide. Special thanks to the Maya team; Cederic Martinez, Delster Tanedo, and Donn Angelo for contributing to this story.

SHIP SECURE

SOFTWARE FASTER!

Want to know how StackHawk can improve your API Security and AppSec Programs?

Schedule time with our experts for a live demo.

Schedule time with our experts for a live demo.

Get Hands-On Experience
Give Us A Test Drive!

We know you might want to test drive a full version of security software before you talk to us. So, Get It On!