Explore how speed, collaboration, and a developer-centric mentality help MuleSoft maintain their security posture.
How MuleSoft Fixes Vulnerabilities Faster with Deeper Engineering Engagement
Sergey Stelmakh, Platform Security Architect, manages security architecture and runs the vulnerability management program at MuleSoft, the leading API management and integration platform. Security is important because MuleSoft processes a lot of customer data that is critical to protect.
The challenge with traditional penetration testing is that oftentimes it takes months to set up an engagement. With Cobalt, you can have a pentest up and running within 24 hours, providing easier and more flexible planning.
In order to maintain security, Stelmakh and the MuleSoft team leverage pentesting to identify and address potential weaknesses in a product. To Stelmakh, a successful pentest means having a higher level of engagement and collaboration between his engineering team and the pentesters. With Cobalt’s Pentest as a Service (PtaaS) platform, the two teams can work directly together, and as a result, start fixing findings as soon as they are discovered.
Instead of pentesters dropping issues on the engineering team and leaving the team to fix them, engineers have the opportunity to discuss issues, categorize their severity, and define and review priorities with the pentesters. This more collaborative process helps keep the engineering team engaged and gives them deeper insights into the vulnerability management process. In turn, this allows Stelmakh and his team to fix vulnerabilities faster and help keep their systems more secure.
With this mentality around vulnerability discovery, which values the importance of security testing, compliance becomes easier.
“We prefer engineering teams work directly with pentesters and that's the huge benefit of Cobalt’s offering. Cobalt gave us the ability to get engineers and pentesters together to collaborate and start fixing findings as they get discovered.”