Case Study: Large Investment Research Firm achieves rapid Spring4Shell remediation with Mend

Mend Helps A Large Financial Firm Address Spring4Shell in Hours

A large investment research firm with about 4,000 employees—half in software development or IT and a 60-person cybersecurity team—had standardized on DevOps practices and Mend SCA across thousands of projects. When the Spring4Shell (CVE-2022-22965) zero-day was announced, the firm needed to rapidly identify affected applications and communicate fixes to development teams at DevOps speed.

Mend SCA immediately alerted developers via Jira and daily email, while Mend Renovate automated many dependency fixes and pull requests; existing integrations and a recently refined zero-day process (from a Log4j drill) gave the team situational awareness within hours. Teams with automated testing remediated fastest, mitigations were applied where needed, and overall the firm turned the incident around in a matter of hours—after which it was treated as just another day.