Case Study: R1 RCM Achieves Continuous API Security Testing with APIsec

R1 RCM Advances API Security Program with APIsec

R1 RCM, a healthcare technology company, needed to strengthen its security program as its API footprint expanded and the attack surface grew. To support a more agile development strategy while minimizing risk, R1 RCM turned to APIsec for API-specific security testing that could shift left, validate controls in production, and automate as much of the process as possible.

APIsec provided continuous, automated API vulnerability scanning across every code release, with no agents or code insertion, and integrated into R1’s existing SDLC. The result was a proactive API security program built in about 180 days, covering 1,500 API endpoints and 25,000 tests, with always-on monitoring and a 90-day SLA for critical vulnerabilities, giving R1 RCM faster insight into risks and stronger protection before issues reached production.

R1 RCM

Cecil Pineda

Chief Information Security Officer