Case Study: Sabre strengthens API security and builds a risk-based security culture with Synack's human-powered API pentesting

Sabre Amplifies Built-In Security Culture with Human-Powered API Pentesting

Sabre, a travel technology company, faced rapidly proliferating, headless APIs and a distributed development environment that left critical endpoints vulnerable to attacks that automated scanners often miss. To strengthen its API security posture, Sabre engaged Synack, using Synack’s API Security Testing and the Synack Red Team (SRT) for human-led offensive testing.

Synack deployed expert researchers to continuously pentest Sabre’s APIs, identify misconfigurations and OWASP API Top 10–type issues, and deliver clear, actionable reports for developers. As a result of Synack’s work, Sabre completed 366 hours of API testing, shifted security left into CI/CD, accelerated remediation and retesting, and built a stronger, risk-based security culture.

Sabre

Cris Rodriguez

Director of Applications Security