Case Study: Global Retailer Company achieves scalable, production-safe application security and 100% PCI compliance with Black Duck

How a Global Retailer Scaled Its Application Security Program and Accelerated Digital Transformation

This Fortune 500 bank—one of the 10 largest U.S. banks—was rapidly building mobile and eBanking applications but struggled to scale application security across hundreds of apps with a small AppSec team. It needed a proactive, production-safe solution to meet strict regulatory (PCI) requirements and stop spending excessive time triaging false positives from automated scanners.

Black Duck deployed Continuous Dynamic, Continuous Dynamic Auto API, business logic assessments and security testing services to provide 24/7 production-safe scanning, authenticated API testing and expert-verified findings. The phased rollout let the bank scale AppSec across hundreds of applications, virtually eliminate false positives, accelerate remediation and developer education, and reach and maintain 100% PCI compliance—substantially improving security effectiveness and ROI.