Mural Uses Oligo to Enhance Zero-Day Response & Customer Relationships

Zero-Day Triage and Customer Reassurance

Zero-day vulnerabilities and the security fire drills that follow are a regular hazard for AppSec leaders. Maanul Shrivastava, Head of Application Security at Mural, knew there had to be a better, faster way to triage these vulnerabilities in the minutes and hours after publication.

One of the biggest challenges during zero-day response for Maanul’s team: reassuring customers that applications were safe and that Mural maintained a strong application security posture. He needed a solution that would help the team rapidly identify exploitable vulnerabilities in their environment, the moment a new zero-day vulnerability made the news.

Maanul chose to deploy the Oligo Application Defense Platform due to a key differentiation from any other product available on the market—the certainty Oligo offered for its results. Oligo’s real-time monitoring capabilities can identify which vulnerable libraries and functions have been executed at runtime, with full, visual proof of reachability.

When Maanul saw Oligo, he knew he’d encountered a unique solution to his challenges. “No other software solutions offer the same functionality with the same level of certainty and accuracy compared to Oligo, because other solutions primarily use heuristic-based approaches,” he said.

After finalizing the deal, Maanul quickly started to operationalize the Oligo platform in his environment. “Deployment was quick and easy, and within 10-15 minutes, I was able to validate Oligo’s findings,” he said.

“Using Oligo, we’ve been able to re-prioritize exploitable issues for remediation, validate when a fix has been deployed to production (versus it being committed to the development environment), and make recommendations on migrating or upgrading infrastructure and technology.”

Using the Oligo platform, Mural has been able to accelerate its triage of zero-day vulnerabilities and rapidly prove Mural’s strong security posture to customers. “We’ve been able to quickly assess the impact of zero-day vulnerabilities and accurately classify a CVE’s exploitation risk in our environment,” said Maanul. “There have been quite a few new CVEs discovered since our installation, and we’ve successfully used Oligo to better understand our exposure and communicate with customers.”

Each month, Mural’s security team reports on vulnerabilities present in their applications. Using Oligo to find conclusive proof of non-reachability for a large majority of theoretical vulnerabilities in Mural’s products, Maanul has been able to shrink the critical and high vulnerability numbers for these reports by 90 percent.

Maanul has also been able to directly reassure customers seeking information about Mural’s exposure to a particular vulnerability. “Customers want to know quickly whether these issues could have a security impact for them. With Oligo, I can show them that there isn’t a risk and help them understand exactly why that risk isn’t present.”