Case Study: Visma reduces false positives and prevents subdomain takeovers with Detectify

Preventing subdomain takeovers and receiving less false positives with Detectify

Visma, the Oslo-based enterprise software company with more than 12,000 employees, needed to strengthen its application security across a large, distributed organization with frequent acquisitions and many public-facing applications. Its main challenges included subdomain takeovers, exposed tokens, legacy systems, OWASP Top 10 coverage, and false positives. To help address these issues, Visma used Detectify, including Surface Monitoring and Application Scanning.

With Detectify, Visma continuously monitored its external attack surface to reduce subdomain takeover risk and received low-false-positive vulnerability findings that were easier to trust and act on. The results included reduced time spent validating security issues, more relevant findings with less noise, and better support for M&A due diligence and newly acquired companies discovering previously unknown security issues. Detectify also integrated with Jira and Slack to streamline remediation and alerting.

Visma

Catalin Curelaru

Security Triage Lead