Skip to content

DevSecOps Case Study

ASG Technologies

Automating Application Security to Protect Corporate Data Assets at the Speed of Business

 

industry-icon-01

industry

Enterprise Data Intelligence, Enterprise Information Management, IT Systems Management

location-icon-01-01

Location

United States | HQ: Naples, Florida

challenge-icon-01

challenge

As one of the leading global providers of IT Systems Management solutions, protecting and securing corporate data assets of the entire software application portfolio was critical. ASG realized that current static (SAST) and dynamic (DAST) application security tools were insufficient to detect or fix code vulnerabilities rapidly.They recognized they needed a scalable, automated solution to provide continuous application security across their entire DevOps process in order to release new products faster.

We implemented Contrast’s solutions and we have received actionable insights and great results overall. I truly believe in Contrast Security - they have the potential to replace static and dynamic application security testing tools.”

Mukesh Kuma
Security Architect

asg-technologies-logo

Overview

Growth Through Acquisition

Building on 30 years of industry expertise, ASG, a global technology solutions provider, serves more than 4,000 customers worldwide in 60 countries, providing organizations with a modern approach to Digital Transformation. More than 70% of global Fortune 500 companies trust ASG to run, manage and optimize their IT investments, including Healthcare, Financial Services, Insurance and Government as the forces of regulation continue to fuel a more aggressive stance toward customer data and privacy.

Over the years, ASG has accelerated its growth through a series of successful acquisitions. To ensure the success of the company’s organic growth (in tandem with its numerous acquisitions), a timely, seamless integration process was required to ensure business and technology continuity.

Mukesh Kumar is a Security Architect at ASG. His responsibilities include helping build out the security program and in particular aid in securing the company’s software applications. ASG provides peace of mind to its corporate enterprise customers with proven solutions. These include information access, management and control focused on agility in product development, sales and customer service to better serve the fast-paced enterprise market. ASG’s growth via acquisition strategy has resulted in the creation of additional revenue streams adding value to the bottom line.

 

Challenges

A Rapidly changing Business & Technology Environment

ASG recognized that corporations that utilized effective data management programs experienced the benefits that data management provides – the undeniable value for their business bottom line. So, in order to fulfill the numerous customer requirements and differentiate their services, ASG incorporated an aggressive acquisition strategy to get products to market faster and develop a greater competitive advantage.

Implementing an acquisition strategy is not a straightforward process. The underlying integration of both business and technology highlights that the “devil is in the details.” The integration process can make or break a merger, and ASG has benefitted from the years of experience and leadership garnered from this growth strategy. Ultimately, it’s a balancing act of selecting either decisive actions versus incorporating strategic business practices. On the one hand, speed is paramount to quickly determine the potential synergies of a successful merger. Conversely, speed may be relinquished due to interminable business practices that are mired in the corporate formalities of the M&A process. Fortunately, there is a simple solution that can satisfy both of these opposing requirements of speed and due diligence and still ensure organizational alignment.

 


 

With a small team, the ability to leverage Contrast Security at scale was critical. We barely required any manual intervention which significantly helped the team and allowed us to scale. We were at the DevOps stage in our process methodology but required an automated approach to application security in order for us to reach DevSecOps.”

– Mukesh Kumar, Security Architect, ASG Technologies

 


 

 

The Ability and Flexibility to Scale Application Security Via Automation

With limited resources, Mukesh’s nascent application security team had to ensure that they could initiate their plans gradually in order to determine a robust automated application security solution. Only then could they plan out their onboarding strategy and scale appropriately with the flexibility to maneuver rapidly as internal and external market forces dictated. Implementing Contrast Assess as part of the their DevSecOps methodology enabled ASG to integrate security rapidly into their existing workflows and processes. This resulted in ASG having much greater confidence in their automated application security to deliver products to market faster

Business Users with Data Intelligence, Governance & Security

For ASG, the heart of the digital transformation is the ability to access corporate information and provide data analysis to make quicker and better-informed decisions. Therefore, it was imperative for ASG to enable businesses to accurately collaborate with this trusted data. ASG enables global enterprises to accelerate time-to-value and employ modern data governance.

Next Steps - Hybrid Deployments

To keep critical resources and data protected across all environments, ASG embarked on a program to integrate on-premises with cloud-based solutions to benefit from greater flexibility and improved efficiencies. What was needed was a comprehensive, automated and continuous approach that spans the seamless integration of current tools that developers and security practitioners were using. Such an integrated approach is essential if development and security teams want to seamlessly work together and communicate effectively. It was essential for ASG to be able to change the cultural mindset and have developers weave in security as they write code. Hence, an accurate, automated and flexible platform with Contrast provides a level of security maturity and foundation for a layered security posture to combat the increasing complex and sophisticated threats of today as well as for the future

 

Results

  • Enhanced detection and response to attack
  • Improved security posture
  • Less dependence on manual tools
  • Improved overall Total-Cost-of-Ownership (TCO)
  • Greatly reduced false positive rates
  • Accelerated software time-to-market
  • Augmented Penetration Testing (Pen Testing)
  • Provided reporting capabilities satisfying compliance and governance requirements

Secure your apps and APIs from within

Schedule a one-to-one demo to see what Contrast Runtime Security can do for you