Case Study: LifeOmic achieves rapid mobile app releases and FedRAMP-ready security with NowSecure

NowSecure integrated DevSecOps testing speeds the release of wellness apps and aids regulatory compliance

LifeOmic is a precision health company that builds mobile apps to help nearly 4 million users track nutrition, sleep, exercise and other personal health data. Because its apps handle sensitive personal and IoT data and must meet regulations like HIPAA, GDPR and CCPA (and pursue certifications such as HITRUST, SOC 2 and FedRAMP), manual mobile penetration testing became a bottleneck—taking up to a week and unable to scale for biweekly releases or FedRAMP requirements.

To solve this, LifeOmic embedded the NowSecure Platform into its DevSecOps pipeline so Jenkins sends builds to NowSecure for automated SAST/DAST/IAST and API testing and results are pushed into GitHub Issues for rapid remediation. The integration cut testing time from about a week to two hours or less, gave developers fast, actionable findings and secure-coding training, improved supply-chain visibility, and helped LifeOmic achieve FedRAMP and maintain ongoing regulatory compliance.

LifeOmic

Joe DiMarzio

Senior Product Security Engineer