Case Study: Trade-Van Information Services Co. slashes scan time to minutes and boosts developer morale with Checkmarx SAST

Trade-Van Significantly Reduces Its Scan Time and Improves Developer Morale

Trade-Van Information Services, a Taiwan-based financial services IT firm that operates customs clearance, tax declaration and other systems containing sensitive PII, needed to harden its software development lifecycle. Despite adopting CMMI and ISO 27001 and running manual code reviews, the company’s initial AppSec scans were far too slow—full scans could take up to 48 hours—so Trade-Van sought a fast, automatable source-code scanning solution.

Partnering with Galaxy Software Service, Trade-Van implemented Checkmarx Static Application Security Testing (SAST) with incremental, automatable scans integrated into developers’ workflows. Scan times dropped to as little as three minutes, compliance reporting became straightforward, deployments accelerated, security debt and time-to-remediation fell, and developer buy-in and morale markedly improved.

Trade-Van Information Services Co.

Ming-Sheng Chiu

Deputy Manager of the Quality Assurance Centre