Case Study: North American Bank boosts vulnerability resolution velocity with Bright Security

How a prominent North American bank increased vulnerability resolution velocity by 46%

North American Bank, a prominent North American financial institution with more than 10,000 employees, needed a modern way to secure a large and complex application landscape of 4,000 web applications and 2,000 APIs. Its legacy DAST solution scanned only a small portion of the attack surface, generated many false positives, and often found critical vulnerabilities only after they had already reached production. The bank turned to Bright Security and its Dynamic Application Security Testing platform to address these challenges.

Bright Security implemented a dev-centric DAST approach that integrated into the bank’s SDLC from IDE and unit tests through pre-production and production, with strong authentication support, low false positives, and clear remediation guidance. As a result, the bank increased scanned endpoint volume by 4x, resolved about 55% of vulnerabilities in CI or earlier, reduced time to remediate high vulnerabilities in production to under 14 days, and improved vulnerability resolution velocity by 46%.