Ada Extends Precious Security Resources by Automating API Security Testing

APIsec has significantly enhanced Ada's API security testing capabilities, providing comprehensive coverage and real-time risk management. This collaboration has led to efficient deployment and quick time to value, proving the effectiveness of proactive and continuous API security measures in protecting sensitive data within the dynamic field of automated brand interaction.
Published: December 14, 2023

The Business Impact:

Simplified Regulatory Compliance

Over 800 continuous tests ease HIPAA, HITRUST, and Data Privacy compliance

Time Savings

Average time to remediate identified vulnerabilities: Reduced by 60%

Cost Savings

More than $200K in savings over manual pen testing of complex APIs

About Ada

Company: Ada
Founded: 2016
Industry: Automated Brand Interaction
Mission: Ada is an AI-powered customer service automation platform on a mission to make customer service extraordinary for everyone.

Ada's award-winning platform has empowered over 320 brands to automate more than 2.6 billion interactions, delivering exceptional customer experiences.

Business Challenge

Ada faced several key challenges as they scaled rapidly:

  • Managing a broad library of APIs with inconsistent documentation.
  • Maintaining a shift-left security approach without introducing development friction.
  • Ensuring API security without impacting platform performance.

Ada’s security organization sought an automated, continuous, and proactive API security solution that did not require proxies, agents, or any intrusive components that could degrade performance.

The Solution

Ada chose APIsec as the cornerstone of their API security program to ensure a strategy and solution that allowed them to:

  • Rapidly onboard a vast library of APIs.
  • Detect security vulnerabilities early in the SDLC.
  • Maintain a shift-left approach with an automated solution that integrates with existing CI/CD processes.

With APIsec, Ada can proactively protect their APIs through automated, continuous penetration testing, uncovering and remediating security vulnerabilities and logic flaws that could lead to breaches and data loss.

The Business Impact

Frictionless Deployment Delivers Rapid Value

“We evaluated A LOT of API security solutions. But even the solutions that promised to run parallel, without any code, agent, or proxy to run, still had to insert something upfront to learn our APIs. APIsec was unique. The only requirement was that I give them our URL, and from there, the APIsec solution was able to learn each API, identify all of our endpoints, and reverse-engineer the documentation we needed to onboard our APIs. We had been trying and failing with another solution for months to get to this point.”
— Jason Barr, Chief Information Security Officer, Ada


Shift-Left by Design

“While many companies talk about a shift-left model, at Ada, we really embrace that. Security is a wholly separate team from development, but everything we do is centered on the belief that security is baked in from the start. APIsec helps our security team fill documentation gaps, eliminating friction. With APIsec, we capture and deliver critical insights about vulnerabilities with very little noise (false positives) and feed those insights directly into our existing ticketing system as part of the CI/CD process.”
— Jason Barr, Chief Information Security Officer, Ada


Extend Valuable Security Resources

“Like most organizations, our security team is a fraction of our development team. APIsec gives us the ability to proactively, continuously pen test our APIs with less than a single, dedicated resource, and frees up that resource to focus additional time on only the most complex/new attack scenarios.”
— Jason Barr, Chief Information Security Officer, Ada


Risk Reduction and Improved Visibility

“In addition to supporting our annual SOC II certification process, the continuous and detailed insights from the APIsec platform help Ada ensure we are maintaining proper cybersecurity hygiene and remain good stewards of customer data in line with GDPR and CCPA.”
— Jason Barr, Chief Information Security Officer, Ada

Looking Ahead: Continuous Improvement in API Security

Ada is committed to further strengthening their API security measures with a focus on:

  • Expanding Testing Coverage: Continuously broadening the scope of API security tests to cover new functionalities and services.
  • Enhancing Automation: Increasing automation in security processes to reduce manual intervention and accelerate response times.
  • Ongoing Training: Investing in continuous training for their development and security teams to stay updated with the latest security practices and threats.
  • Collaborating with APIsec: Leveraging new features and updates from APIsec to enhance their security posture.

By focusing on these areas, Ada aims to stay ahead of potential threats, ensuring robust protection of sensitive data and reinforcing their commitment to security and customer trust.