When a cloud media sharing service needs to secure their most important media assets and stay compliant, who can they turn to? Wiredrive chose Checkmarx, which enabled them to integrate with its Continuous Integration SDLC cycle for ongoing and continuous scanning.
Wiredrive.com Uses Checkmarx As Its First Line of Defense
1. About the Company
founded in 1999. The Wiredrive team consists of 35 employees and has
and London.
The Requirements
Wiredrive is preparing for SSAE16 compliance and needed a suite of
tools to validate secure coding best practices.
Wiredrive’s Enterprise clients required recurring penetration tests and
static code scans to audit the platform’s security.
Wiredrive needed an internal solution that integrates with its
Continuous Integration (CI) SDLC process, which uses Atlassian's
Bamboo and GIT as the source repository.
The solution needed to scan a large web application consisting of PHP,
JavaScript, and Python.
Wiredrive needed to scan its WordPress plugin and sample code.
1.
2.
3.
4.
5.
The Alternatives
During the evaluation process, Wiredrive reviewed several open source
solutions that failed to locate known vulnerabilities.
Wiredrive asked their Enterprise customers’ security departments for
security audit recommendations.
WIREDRIVE
CHECKMARX’S Case Study
Overview
COUNTRY: USA
INDUSTRY: cloud media
sharing
web site: www.wiredrive.com
PROFILE: Wiredrive is the cloud
media sharing service of choice for
the world’s largest advertising,
entertainment and consumer
marketing companies. Production,
sales and marketing teams trust
Wiredrive to simplify the logistics of
creativity and securely manage their
most important media assets. Them
bring people and media together in
a shared space where hard work and
great ideas blossom into amazing
things. Wiredrive is a fast-growing,
SOLUTION: Projects - Online
production, review and approval, and
integrated campaign management.
Wiredrive Projects consolidates all of
your assets into one place that can be
accessed anywhere, anytime.
Library - Create video reels and
multi-media presentations instantly,
with a myriad of powerful search
tools, meta-tagging abilities,
management tools and reporting
abilities. Used for promotion and new
business presentations.
After additional research, Wiredrive realized that the recommended
security vendors were frequently using Checkmarx.
When one of Wiredrive's major customers specically
recommended Checkmarx, they decided to evaluate the product.
2. The Checkmarx Selection
Wiredrive found Checkmarx's CxCloud solution
unknown vulnerability. The test was easy to
perform because CxCloud integrated directly
with Github. CxCloud showed the complete
locations in the code.
Wiredrive ran their second test to validatetheir
custom framework, which revealed both known
and unknown vulnerabilities. Since Checkmarx
met all evaluation requirements, Wiredrive
signed up.
The Implementation
directly to CxCloud and ran a full scan. The QA
team grouped the results and prioritized remedi-ation.
The initial scans found vulnerabilities
in the deprecated code, which was quickly
addressed.
Wiredrive successfully integrated Bamboo
with the Checkmarx CLI interface with the help
from the Checkmarx's support team. This let
vulnerabilities decrease on an ongoing basis.
Now, Wiredrive runs a full scan on every build to
make sure that new code adheres to secure
coding best practices.
Enterprise customer requirements.
The Bottom Line
The sales cycle and product evaluation was simple and straightforward. The Checkmarx team was prompt and
helpful throughout the entire sales and onboarding cycle. Technologically, the product exposed unknown
easy to understand.
Finally, Wiredrive’s Enterprise customers have responded positively by signing up additional departments and
referring new customers.
Checkmarx plays a fundamental role in hardening our web application.
of defense.
Daniel Bondurant, CTO
Wiredrive.com