Case Study: Capital One enhances DevOps security and compliance with Qualys solutions

Capital One Building Security Into DevOps

Capital One, a major bank, needed to strengthen security and compliance across its DevOps pipeline without slowing delivery. Using Qualys, the company automated vulnerability and compliance checks for AMIs and containers, while also improving detection of misconfigurations and security issues in production environments.

Capital One implemented Qualys Cloud Agent and APIs across nearly every AMI in its “bakery,” and adopted Qualys Container Security with Jenkins integration for container scanning. With Qualys, Capital One achieved 95% assessment coverage of its IP addresses and cut scan data availability time to less than 24 hours, while also reducing false positives and freeing its security team to focus on governance and higher-value work.

Capital One

Emmanuel Enaohwo

Senior Manager for Vulnerability/Configuration Management