Leading Cryptocurrency Exchange Reduces Vulnerability Noise 80% with Oligo Platform
Goals
- Visibility into the software components running in their environment: shorten time for reachability analysis.
- Stop the security team from spinning cycles: focus on vulnerabilities that matter most.
- Protection and response for zero-day and unknown vulnerabilities.
The Oligo Difference
- Immediate visibility into the application components running in the environment.
- From reachability to reached: proven evidence of loaded and executed vulnerable functions that are exploitable.
- Over 80% reduction in noise compared to traditional scanning tools.
Goal: Evidence-Based Prioritization for Application Vulnerabilities
One of the largest cryptocurrency exchanges in the world maintains a security-first culture - where it is mission critical to stay one step ahead from a security and compliance perspective. The space is increasingly becoming more regulated, and a security incident drove a heightened awareness around how the exchange was securing the applications that enable it to power billions of dollars of crypto transactions each year.
The exchange’s CISO had a vision to structure their program in a way that best aligns development and security teams - they wanted to empower both groups to remain laser-focused on the vulnerabilities that matter most. In the past, vulnerability backlogs had a tendency to grow to almost unmanageable levels, and there was no real way to understand the application components in their environment, if those components were vulnerable, and if they were actually used in production. To stay a further step ahead, their CISO wanted to also focus on putting mitigating controls in place to protect against unknown vulnerabilities like zero days, given the sharp increase in zero-day exploitation over the past few years.
The exchange needed a solution that could:
- Prioritize vulnerabilities that are actually exploitable within applications - tying security findings to business risk.
- Reduce the noise that comes from traditional, point-in-time application security tools to empower security and development to focus on what matters most.
- Detect code anomalies and stop exploitation attempts - for both known and unknown attack vectors.
The Challenge
The Oligo Solution
To bolster its AppSec program, the exchange deployed the Oligo platform. Oligo was chosen due to its unique approach to securing applications, powered by its patented Deep Application Inspection (DAI) technology. Oligo’s DAI provides customers with end-to-end application visibility through real-time monitoring and context-aware analysis of code behavior to detect vulnerable executed dependencies and prioritize fixes based on actual runtime applications.
This level of deep insight into running applications also enables the platform to identify and neutralize active exploits before they compromise workloads, providing organizations with defensive capabilities against both known and unknown vulnerabilities. As a result, security and development teams can focus exclusively on remediating the most pressing vulnerabilities, while having the assurance that unpatched or unknown attack vectors are protected against.
The Oligo Difference
The leading crypto exchange experienced significant benefits and results upon deploying the Oligo platform to power its application security program.
Visibility and Speed
Prior to implementing Oligo, fundamental visibility into application components was a challenge for the exchange, with the security team relying on traditional scanning tools that required a copious amount of manual intervention to identify and prioritize vulnerabilities. Each flaw had to be manually verified, often taking hours to analyze single dependencies to assess exploitability.
Their CISO understood the importance of runtime visibility into applications to properly protect against known and unknown vulnerabilities, leading the organization to evaluate Oligo. After deploying Oligo, their security team immediately had a clear picture of the dependencies within its environment, which were vulnerable, and which were actually exploitable in runtime.
The result was a real-time and holistic view into the applications powering the exchange’s business, and quicker, more precise prioritization for security and development teams. The security and development teams reduced the time it took to analyze dependencies from hours to just minutes.
Evidence-Based Collaboration Between Security and Engineering
In the past, the exchange’s security organization would surface a bunch of potentially vulnerable dependencies that they thought required attention, leading to backlogs piling up and friction with the development team, given many things weren’t being fixed.
The Oligo platform has helped form a stronger culture between the exchange’s security and engineering functions. Due to Oligo’s ability to trace vulnerable dependencies at runtime down to the function level, the security team is able to provide developers with clear evidence as to why a particular vulnerability requires attention and how best to remediate it. This has allowed security and engineering to operate with a level of precision that wasn’t possible before.
Reduced Noise
The exchange previously had focused a good amount of effort scanning for vulnerabilities in the CI/CD process, which can provide indicators on what is most pivotal to fix, but is far from a silver bullet. Often, this led to developers spending time fixing too many vulnerabilities that weren’t tied to tangible risk.
With the deep visibility that Oligo provides at runtime, the exchange experienced an over 80% reduction in noise compared to traditional tools, while maintaining the assurance that their applications were vulnerability-free in runtime.
Legal and Compliance
The visibility provided to the exchange by Oligo has also led to legal and compliance benefits. By having the most complete view into the application components running in their environment, this has enabled them to surface a real-time software bill of materials (SBOM), enabling legal and compliance to ensure that no restricted licenses are in use.
Defense Against Zero-Day and Unknown Vulnerabilities
Another layer of protection that has been pivotal for the exchange is Oligo’s unique ability to assist in responding to and protecting against zero-day and other unknown vulnerabilities.
With Oligo, the security team can quickly search for the vulnerability within their system, validate whether dependencies are executed and at risk, and get developers to address them. The elimination of manual prioritization steps has allowed the team to better understand if and how they are impacted and take quick action to address it when new zero-days are announced. Additionally, Oligo’s Application Detection and Response (ADR) solution offers ongoing monitoring and profiling of application behavior, helping the exchange identify irregularities and prevent malicious actions, even in cases when exploits aren’t tied to a known vulnerability.
Results & Benefits
Why Oligo?
Oligo protects applications against attackers with the industry’s leading Application Detection and Response (ADR) platform. With Deep Application Inspection (DAI) through real-time monitoring and context-aware analysis, Oligo enables customers to instantly see all of the vulnerabilities in their environments, identify those that matter most, and stop application-based attacks in their tracks.
Zero in on what's exploitable
Oligo helps organizations focus on true exploitability, streamlining security processes without hindering developer productivity.