Case Study

App Development Revolution:
Elsevier Takes a New Approach to Securing Software Development

DownloadIcon.png Read the Success Story

Goal

Transform Elsevier from a print information provider to a leader in web-based, digital solutions.

Challenge

Need to increase security maturity within application development to protect new digital platforms from the outset.  A check-the-box compliance approach wouldn’t suffice as their organizational attack surface had significantly expanded.  Elsevier needed experts who could match the agility of the new platforms and serve as a trusted advisor throughout the transformation.

Objectives

Increase security awareness, elevate and standardize security understanding, and keep pace with the digital transformation.

Result

Established a phased and tiered training program for developers that increased in difficulty and was tailored for the various platforms and technologies they were developing for/ with.  This resulted in:

  • Less time spent patching retroactive security discoveries
  • Standardized security levels
  • The ability to measure expectations for each developer
  • Mandatory on-boarding training for all new hires.