Bright Security’s Enterprise Grade Dev-Centric DAST Integrates with

Microsoft Defender for Cloud →
Product
Product overview

See how dev-centric DAST for the enterprise secures your business.

Web attacks

Continuous security testing for web applications at high-scale.

API attacks

Safeguard your APIs no matter how often you deploy.

Business logic attacks

Future-proof your security testing with green-flow exploitation testing.

LLM attacks

Next-gen security testing for LLM & Gen AI powered applications and add-ons.

Interfaces & extensions

Security testing throughout the SDLC - in your team’s native stack.

Integrations

Connecting your security stack & resolution processes seamlessly.

Docs

Getting started with Bright and implementing it in your enterprise stack.

Book a demo

We’ll show you how Bright’s DAST can secure your security posture.

Resources
Blog

Check out or insights & deep dives into the world of security testing.

Webinars & events

Upcoming & on-demand events and webinars from security experts.

Docs

Getting started with Bright and implementing it in your enterprise stack.

Case studies

Dive into DAST success stories from Bright customers.

Research

Download whitepapers & research on hot topics in the security field.

Company
About us

Who we are, where we came from, and our Bright vision for the future.

News

Bright news hot off the press.

Webinars & events

Upcoming & on-demand events and webinars from security experts.

We're hiring

Want to join the Bright team? See our open possitions.

Bug bounty

Found a security issue or vulnerability we should hear about? Let us know!

Contact us

Need some help getting started? Looking to collaborate? Talk to us.

Resources > Success story > 

Customer Success Story by Fastlane

Customer Success Story by Fastlane

Dallas, TX

Industry:

Automotive insurance technology

Size:

Startup

Anyone who’s bought a car knows that the paperwork is confusing and the process is time-consuming. Software company Fastlane, based in Dallas, created an app that promises to remove the drudgery of car buying for both buyers and auto dealers. The company is currently doing the same for auto insurance companies with its LossExpress product, in a bid to shorten the long and complicated process of having insurance carriers pay for totaled vehicles. 

“We want to automate the manual processes for settling totaled claims that used to take as long as 30 days, and condense them down to less than one day,” says Mike Mclaren, CTO for Fastlane. 

To help his small development team quickly develop and roll out new features for Fastlane, while staying secure, Mclaren implemented CircleCI, alongside Bright, for application and API security testing.

With a small, hardworking dev team, Mclaren wanted engineers to spend their time focusing on product features, not troubleshooting code. “Deploying features is incredibly important, but we don’t want to be thinking about that all week long during the deployment schedule,” he says. 

Instead of worrying about infrastructure, Mclaren decided to bring in CircleCI, which he’d used for previous app-building projects. “CircleCI is one of those products I’ve stuck with for many years across multiple businesses,” he says. “That’s why I’m cool with my own business spending money on it today. I was already comfortable with CircleCI, and I knew how simple and easy it is.”

At the same time, Mclaren also brainstormed ways to ensure data security within the Fastlane app. “We know that auto insurers are very concerned about the security of customer data,” he explains. “We relied on OpenSource DAST scanners, which were not accurate or consistent with our workflows, especially as we built our CI pipeline.” 

Automation was a primary focus for Mclaren, adding, “We really liked Bright’s automatic validation of security issues that we hadn’t seen in other scanners. Historically, my team would have to manually dig into each issue to see if it were really there, which was not scalable with our rapid release cycles. Now, we can trust the output, piped into the existing projects we’re putting through CircleCI while avoiding failed builds due to false alerts.” 

Fastlane is getting ready to release its very first API, which means the development team is increasing its reliance on CircleCI.

“We’ll have numerous clients integrating with our products, which is amazing – but that also means thinking through every little detail,” Mclaren says. “We have to be super-careful with testing, and with security as well.”

The company is also working on a tool that will help insurers value cars that have been totaled, with payouts due to insurance customers. 

“We want developers to spend their time coding these apps, and we want to get them out the door as quickly as possible,” Mclaren says. “With CircleCI, we know we can deploy the apps, without thinking or worrying about infrastructure. With Bright’s security scanner, my developers can also test our APIs for security vulnerabilities, giving us great coverage, all neatly integrated with CircleCI.” 

Focusing on the future 

By using CircleCI and Bright, Fastlane’s developers can quickly tackle problems without losing focus on app development. “We don’t have to worry about any scripts that need to be run at any given time,” Mclaren says. “And we don’t have to worry about how the Docker containers are going to spin up. I can just pay attention to the things that matter to me, day in and day out.” 

When Mclaren and his engineers do need to address an issue, they’ll get notified quickly. “We like being able to tie into GitHub for status checks, and getting notifications from Slack when tests fail,” he says. “And since security is incredibly important, we have Bright integrated into our pipeline, so our developers can detect and fix security issues on every build, long before they hit production, minimizing our technical and security debt.” 

Now that engineers can dig deep into the processes that Fastlane’s customers need to be successful, Mclaren can concentrate on Fastlane’s future. 

“We’re a tiny shop, and we’ll remain that way even though we’re looking to double our team in the future,” Mclaren says. “When all is said and done, we’ll still operate like we’re tiny, and we’ll use CircleCI to automate testing.”

Get our newsletter