Case Study: Major North American Insurance Subsidiary achieves real-time vulnerability detection and reduced security debt with Contrast Security

How this North American insurance subsidiary increased awareness among developers about application security risk and safe-coding practices

Major North American Insurance Subsidiary, a century‑old insurer with over 10,000 employees, faced slow, manual application security practices that caused release delays, poor developer compliance, many false positives from legacy SAST tools, and a growing backlog of high‑risk vulnerabilities. To address this, the organization piloted Contrast Security’s Contrast Assess to shift security left and integrate testing into developers’ workflows.

Using Contrast Assess and the Contrast agent across dozens of applications (with help from Contrast Security’s Customer Success and Professional Services teams), the insurer embedded continuous, context‑aware scanning and real‑time remediation guidance into development and integrated notifications into Microsoft Teams. The result: developers receive instant, actionable findings, SAST scans and false positives have been virtually eliminated (only three false positives in two years), remediation is faster, security debt is being paid down, and developer‑security collaboration and MTTR are measurably improved.