Case Study: FormHero achieves faster remediation and fewer false positives with Snyk

Fixing Vulnerabilities Early in Development with Highly Accurate Scanning

FormHero, a Toronto-based data-capture company serving regulated customers like banks and insurers, needed to speed up secure software delivery while meeting strict compliance (including SOC 2) and contractual SLAs for bug fixes. With a 10-person development team, Docker-based microservices on Amazon ECS, and only one full-time security person, FormHero sought a solution that integrated into the developer workflow and supported JavaScript/Node.js — so they adopted Snyk (Snyk Open Source and Snyk Container).

Snyk was implemented to scan dependencies during development and routinely scan deployed container images, replacing a previous tool that generated many false positives. The switch to Snyk dramatically reduced false positives, improved license management, and helped FormHero meet SLA requirements (notify customers within 24 hours and deliver fixes within 48 hours), while enabling faster remediation by catching issues earlier in the DevSecOps pipeline.

FormHero

Ryan Kimber

Founder and CEO