Case Study: Fortune 500 Healthcare Firm achieves over 50% reduction in high‑risk vulnerabilities on critical applications with Brinqa Application Risk Service

Fortune 500 Healthcare Firm - Customer Case Study

Fortune 500 Healthcare Firm faced a fragmented application security environment after years of M&A, with 2,000+ applications, incompatible SAST/DAST/PenTest outputs, inconsistent inventories for internally developed vs. externally sourced apps, poor HIPAA asset tracking, and undefined remediation ownership and SLAs. To address these challenges they engaged Brinqa, deploying Brinqa Application Risk Service to create a unified application risk management strategy.

Brinqa consolidated inventories (ServiceNow + Jira), normalized metadata with business rules, ingested findings from Checkmarx, Qualys WAS and external pen tests, de‑duplicated and prioritized vulnerabilities, enforced ownership and SLAs via automated ticketing to ServiceNow and Jira, and produced HIPAA compliance reports. As a result Brinqa helped the customer make the CMDB the authoritative inventory, cut high‑risk vulnerabilities on critical assets by over 50% in three months, reduce overall vulnerability volume by 20%, create fewer tickets while improving remediation efficiency, and automate analytics previously handled by 3 FTEs.