Case Study: CM.com achieves stronger security, faster remediation, and reduced risk with Contrast Security

How CM.com is leveraging Contrast to improve its efficiencies while reducing the risk posed by its applications

CM.com, a global conversational commerce platform, faced slow, labor‑intensive application security processes driven by traditional SAST and penetration testing: long mean time to remediation (often days), developer friction and delays, and difficulty managing risky open‑source libraries and licensing. To modernize their secure SDLC, CM.com selected Contrast Security and licensed Contrast Assess and Contrast SCA (with professional services support) to embed continuous, instrumentation‑based security into developers’ workflows.

Contrast Security deployed its Application Security Platform (Assess and SCA), integrating with tools like Docker, Visual Studio, Jira and Teams to give developers immediate, actionable feedback. As a result CM.com cut MTTR dramatically (the team reports typical vulnerability discovery moved “from days to minutes”), reduced developer remediation time, sped up reporting from hours to minutes, lowered bug‑bounty costs, and reduced licensing and dependency‑confusion risk through automated SCA controls—delivering faster, more secure releases.

CM.com

Sándor Incze

CISO