SecurityBrief India - Technology news for CISOs & cybersecurity decision-makers
India
Guides
#
cloud security
#
cybersecurity
#
endpoint protection
#
firewall
#
ransomware
Search
Story image
#
Advanced Persistent Threat Protection
#
Cybersecurity
#
Testing
Vitrana reduces software security vulnerabilities by 66% using CAST
Mon, 16th Oct 2023
Author image
By Sean Mitchell, Publisher
Follow us

International life sciences and healthcare platform provider, Vitrana, has significantly decreased open-source software (OSS) security vulnerabilities by over 66% with the use of CAST Highlight's software intelligence technology. Vitrana, whose global clientele encompasses notable entities such as Bayer, Pfizer, and Temple University AstraZeneca, has successfully utilised CAST Highlight's software composition analysis (SCA) capability to obtain extensive insights into their portfolio composition.

Vitrana used this technology to seamlessly control 15 critical applications, manage their software supply chains, open-source components and dependencies, and notably reduce OSS vulnerabilities by over two-thirds, all without creating any disturbance for developers. Given the regulatory rigour of the life science domains in which Vitrana operates, this progression is particularly essential. Here, the highest standards of software quality need to be maintained with nominal compliance issues or security vulnerabilities.

Due to the complexity of manually conducting due diligence on the open-source components in their portfolio, such as identifying security susceptibilities, license compliance issues, and out-of-date versions, Vitrana realised the importance of incorporating an automated software composition analysis solution within their software development lifecycle (SDLC) process. This led them to the adoption of CAST.

CAST Highlight has provided substantial actionable portfolio insights, enabling swift and rigorous open-source component management. Reports are now produced and circulated to all application owners on a weekly basis, while problems are rectified as part of code merge requests in tandem with the development phase itself. The SDLC process automatically ensures compliance, as CAST reports are sanctioned before signing off the build for quality assurance.

According to Vitrana's Chief Technology Officer, Jagadish Ramaiah, the successful implementation of CAST Highlight as the control tower of their portfolio has "significantly enhanced our ability to detect and mitigate security vulnerabilities in real-time, reaffirming our commitment to delivering secure and compliant solutions to clients." This proactive approach is consistent with industry standards, allows Vitrana to address potential threats rapidly, inspires confidence in their clients, and brings greater peace of mind to their customers.

Related stories
Smarttech247 & SentinelOne launch AI-powered cybersecurity for SMEs
GitHub's 2FA initiative helps secure software supply chain
Jason Haddix joins Flare as Field Chief Information Security Officer
AI tools linked to data exposure in 1 in 5 UK organisations
Trend Micro introduces AI-driven cyber risk management features
Top stories
Zscaler introduces enhanced ZDX service for improved IT operations
The importance of cybersecurity training for software developers
HID acknowledged as Leader in Gartner Magic Quadrant for Indoor Location Services
Exclusive: How Darktrace is tackling AI-driven cybersecurity
Record ransomware attacks in March 2024, report finds