Deploying Bright’s DAST Solution at a Prominent North American Bank
Introduction
Ensuring the security and privacy of customer data is paramount for financial institutions in building and sustaining customer trust. This case study delves into the successful implementation of Bright Security’s Dynamic Application Security Testing (DAST) solution by a North America-based, top-10 global bank. By adopting a dev-centric DAST solution, the company automated the detection and remediation of vulnerabilities early in their Software Development Life Cycle (SDLC).
Background
As a major player in the North American market, the financial company operates more than 500 critical customer-facing applications and more than 10,000 applications and APIs. Recognizing the potential risks associated with vulnerabilities, the company sought a solution for early detection and remediation while automating the entire process within their existing software development process.
Solution
To achieve their integrated development and security goals, the organization chose Bright Security’s enterprise DAST solution. Bright automates scans, reporting, and the entire vulnerability management workflow, offering an efficient and effective security approach. Leveraging Bright’s extensive API library for streaming and integrations, the company deployed multiple enterprise-grade API scripts, further customizing and streamlining the workflow.
Implementation
The implementation commenced in 2023, seamlessly integrating the tool into multiple development CI/CD pipelines. During 2023, the bank onboarded their most critical and sensitive customer-facing applications onto the Bright Platform, conducting roughly 700+ scans per month. After reliable and robust success and scaling throughout 2023, during 2024 the company set an ambitious goal to onboard all applications into Bright, requiring a Bright scan for every application. It succeeded in onboarding more than 15,000 contributing developers and finished the year running more than 30,000 scans per month. For 2025, they tripled their Bright engagement as a direct result of their high satisfaction with Bright’s solution and services.
Results
DAST testing is now a mandatory security practice integrated into their ongoing development process. Continuous DAST testing for every build cycle eliminates their previous need to wait months for third-party security testing. The company was able to prioritize valuable security testing throughout the development life cycle, and revamped their vulnerability management practices as a result. The company now conducts an average of 1,100 scans per day and has plans to add new business groups and subsidiaries in the future. The bank was able to reduce vulnerability detection and remediation time by more than 70% by implementing Bright’s solution.
Conclusion
This case study highlights the significant benefits of the Bright Security DAST for a prominent enterprise financial institution. The adoption of Bright enhanced the speed and efficiency of their development processes, enabling the company to stay competitive and adapt quickly to evolving industry trends, while ensuring that compliance standards and robust application security testing are in place.