EstateSpace secures highly sensitive data for high-net-worth clients, and had to reassure them without an in-house security team, without the cost and limited coverage of manual pen testing, and without disrupting developer workflows.
EstateSpace integrated apisec into its pipeline, completing initial risk discovery in 24 hours and running continuous validation across 150+ endpoints with more than 1,500 attack playbooks, automatically checking for new issues as developers shipped.
EstateSpace stood up privilege-escalation testing in under a month for well below the cost of a single security engineer, cut testing cost by 70%, and remediated 200+ issues in the first month.
Company: EstateSpace (a brand of Griffin Global)
Founded: 2017
Industry: Asset Management
Vission: to transform private asset management through seamless integration of purpose-built technology, fostering unmatched data integrity and transparency, enabling experts to excel as never before.
EstateSpace provides asset management software designed to streamline estate management for wealth and estate managers. As the application grew in popularity, ensuring the security of highly sensitive data became a top priority.
EstateSpace faced several challenges as they sought to secure their APIs:
EstateSpace partnered with apisec to integrate automated and continuous application security testing into their development pipeline. apisec provided comprehensive security coverage without disrupting existing workflows.
apisec's solution eliminated the need for manual security checks, enabling developers to focus on building and enhancing the application while ensuring robust security.
“Through the use of playbooks each designed for a particular vulnerability type, apisec was able to quickly generate approximately 1500 playbooks against over 150 API endpoints, testing thousands of potential vulnerabilities.”
— Matt Jenks, CTO/CSO, EstateSpace
“With apisec as a partner, our privilege escalation testing was put together in under a month, resulting in a great return on investment as the total cost is well below the cost of a single security test engineer.”
— Matt Jenks, CTO/CSO, EstateSpace
“We found apisec to be a great partner to work with overall, but especially when it came to our DevSecOps tooling. This provided developers with all the information needed to debug and identify the source of the defect, resulting in faster closure rates for privilege escalation-related defects.”
— Matt Jenks, CTO/CSO, EstateSpace
EstateSpace is committed to maintaining and enhancing its application security practices by focusing on the following:
By prioritizing these areas, EstateSpace aims to maintain robust protection of their applications, ensuring the highest standards of security and reliability for their customers.
With apisec as a partner, our privilege escalation testing was put together in under a month, resulting in a great return on investment as the total cost is well below the cost of a single security test engineer.