Case Study: Krungsri achieves scalable open source governance and fewer false positives with Sonatype Lifecycle

Krungsri cuts false positives and accelerates secure development with Sonatype Lifecycle

Krungsri (Bank of Ayudhya), a major bank in Thailand, faced challenges with its open source governance due to an overwhelming number of false positives from its existing software composition analysis tool. This high rate of false positives consumed developer time, slowed innovation, and limited enterprise-wide visibility. To address this, the bank turned to vendor Sonatype and its product, Sonatype Lifecycle, for a modern solution.

Sonatype implemented its Lifecycle platform, integrating it into the bank's CI/CD pipelines to provide automated scanning and actionable feedback. The solution, which included the Advanced Legal Pack, eliminated noise from false positives and provided accurate, contextual insights for risk-aware decision making. As a result, Krungsri achieved unparalleled accuracy in vulnerability detection, gained centralized oversight, and empowered its development teams to innovate with speed and confidence on a secure and compliant foundation.