Background
One of the largest banks in Asia was looking to make the transition to DevSecOps, adopting a development workflow that is both fast-paced and secure. A software composition analysis (SCA) solution was identified as a necessary component of that transition, and Scantist was tasked with demonstrating our capabilities in this area.
Solution
Our objectives were simple: to identify the security and licensing risks introduced by open-source components, seamlessly and for users with any level of security expertise, which in turn would greatly increase the productivity of their development teams.
Scantist's SCA was run on a core web application, a Java project built with Maven, and was integrated into the Jenkins build pipeline. Scan results could be viewed in the all-in-one browser-based dashboard as well as through specific, curated exported reports.
The Facts
Scantist's SCA mapped the application's open-source inventory and reported the following:
Dependency Analysis
- 815 Transitive Dependencies
- 54 Direct Open-Source Library Dependencies
- 778 Vulnerable Transitive Dependencies
- 8 Vulnerable Direct Dependencies
Vulnerability Breakdown
- 8 High Criticality Issues
- 4 Medium Criticality Issues
- 14 Direct Vulnerabilities
License Analysis
- 3 Direct Dependencies with Restrictive Licensing Terms
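To make concrete what the inventory above measures, here is a minimal version of the same classification as an added example. It is illustrative code, not Scantist's scanner and not the bank's pipeline: it parses the text output of `mvn dependency:tree`, separates direct from transitive dependencies by tree depth, matches each coordinate against an advisory list and a licence table, and produces the same categories of counts as the report above, including a simple build gate of the kind a Jenkins stage would apply. The dependency tree, the advisory entries (the `EX-…` identifiers are placeholders, not real advisory numbers), the licence table and the restrictive-licence policy are all constructed for the example. Note that advisories are counted separately from affected libraries, since one library can carry several advisories.

```python
"""Minimal SCA-style inventory check over `mvn dependency:tree` output.
Added example, not Scantist's code; the tree, advisories, licence table and
policy below are all constructed for illustration."""
import json
import re

# Constructed `mvn dependency:tree` text output for a hypothetical Maven web app.
SAMPLE_TREE = """\
com.example.bank:core-web:war:1.0.0
+- org.example:web-mvc:jar:5.2.0:compile
|  +- org.example:web-core:jar:5.2.0:compile
|  \\- org.example:web-beans:jar:5.2.0:compile
+- org.example:json-mapper:jar:2.9.10:compile
|  \\- org.example:json-core:jar:2.9.10:compile
+- org.example:log-core:jar:2.14.1:compile
|  \\- org.example:log-api:jar:2.14.1:compile
+- org.example:pdf-render:jar:1.8.0:compile
\\- org.example:orm-core:jar:5.4.0:compile
   \\- org.example:orm-logging:jar:3.3.2:compile
"""

# Constructed advisories: (group, artifact, first fixed version, severity, placeholder id).
ADVISORIES = [
    ("org.example", "json-mapper", "2.10.0", "High", "EX-2019-001"),
    ("org.example", "json-mapper", "2.9.11", "High", "EX-2019-002"),
    ("org.example", "log-core", "2.15.0", "High", "EX-2021-003"),
    ("org.example", "web-core", "5.2.5", "Medium", "EX-2020-004"),
    ("org.example", "pdf-render", "1.7.0", "Medium", "EX-2018-005"),  # already fixed in 1.8.0
    ("org.example", "orm-logging", "3.4.0", "Medium", "EX-2020-006"),
]

# Constructed licence table (SPDX ids) and a hypothetical policy; unknown licences are flagged too.
LICENSES = {
    ("org.example", "web-mvc"): "Apache-2.0",
    ("org.example", "json-mapper"): "Apache-2.0",
    ("org.example", "log-core"): "Apache-2.0",
    ("org.example", "pdf-render"): "AGPL-3.0-only",
    ("org.example", "orm-core"): "LGPL-2.1-only",
}
RESTRICTIVE_LICENSES = {"GPL-2.0-only", "GPL-3.0-only", "AGPL-3.0-only", "UNKNOWN"}


def parse_tree(text):
    """Return (group, artifact, version, depth) per line; depth 0 is the project itself.
    Maven draws each level with a 3-character prefix, so depth = prefix length // 3."""
    deps = []
    for line in text.splitlines():
        if not line.strip():
            continue
        i = 0
        while i < len(line) and line[i] in "+-\\| ":
            i += 1
        fields = line[i:].split(":")
        # g:a:type:version (project) / g:a:type:version:scope / g:a:type:classifier:version:scope
        version = fields[-2] if len(fields) >= 5 else fields[-1]
        deps.append((fields[0], fields[1], version, i // 3))
    return deps


def version_key(version):
    """Numeric tuple so that 2.9.10 < 2.10.0; a plain string compare gets that backwards."""
    parts = []
    for piece in re.split(r"[.\-]", version):
        m = re.match(r"\d+", piece)
        if not m:
            break  # stop at qualifiers such as RELEASE or Final
        parts.append(int(m.group()))
    return tuple(parts)


def scan(tree_text, advisories=ADVISORIES, licenses=LICENSES, restrictive=RESTRICTIVE_LICENSES):
    """Classify dependencies and return the same categories of counts as the report above."""
    depth_of = {}
    for group, artifact, version, depth in parse_tree(tree_text):
        if depth == 0:
            continue
        key = (group, artifact, version)
        depth_of[key] = min(depth, depth_of.get(key, depth))  # direct wins if seen at both levels
    direct = sorted(k for k, d in depth_of.items() if d == 1)
    transitive = sorted(k for k, d in depth_of.items() if d > 1)

    findings = []  # (advisory id, severity, group, artifact, version, "direct"|"transitive")
    for (group, artifact, version), depth in depth_of.items():
        for a_group, a_artifact, fixed, severity, adv_id in advisories:
            if (group, artifact) == (a_group, a_artifact) and version_key(version) < version_key(fixed):
                findings.append((adv_id, severity, group, artifact, version,
                                 "direct" if depth == 1 else "transitive"))
    vulnerable_libs = {(f[2], f[3]) for f in findings}

    return {
        "transitive_dependencies": len(transitive),
        "direct_dependencies": len(direct),
        "vulnerable_transitive_dependencies": sum((g, a) in vulnerable_libs for g, a, _ in transitive),
        "vulnerable_direct_dependencies": sum((g, a) in vulnerable_libs for g, a, _ in direct),
        "high_issues": sum(f[1] == "High" for f in findings),
        "medium_issues": sum(f[1] == "Medium" for f in findings),
        "direct_vulnerabilities": sum(f[5] == "direct" for f in findings),  # advisories, not libraries
        "restrictive_direct_licenses": sorted(
            f"{g}:{a} ({licenses.get((g, a), 'UNKNOWN')})"
            for g, a, _ in direct if licenses.get((g, a), "UNKNOWN") in restrictive
        ),
        "findings": sorted(findings),
    }


def should_fail_build(report, max_high=0):
    """Pipeline gate: fail on more than max_high High issues or any restrictive direct licence."""
    return report["high_issues"] > max_high or bool(report["restrictive_direct_licenses"])


if __name__ == "__main__":
    result = scan(SAMPLE_TREE)
    print(json.dumps(result, indent=2))
    raise SystemExit(1 if should_fail_build(result) else 0)
```

Two details matter in practice. Version matching must be numeric, since a string comparison would call `2.9.10` newer than `2.10.0` and silently miss an advisory. And `mvn dependency:tree` prints the resolved tree, one winning version per artifact, so a commercial SCA that also inspects packaged or shaded jars will generally find more than this script does.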

Reduced Remediation Time
Remediation recommendations were provided, resulting in an **85% reduction** in the time and effort required to fix vulnerabilities.
Reduced Risk of Data Breach
An average data breach costs **US $3.886 million** globally. By eliminating open-source-related vulnerabilities, Scantist helped reduce the application's risk of a data breach from **32% to 24%** (an annualized saving of **US $310,000** on average).
Reduced Identification Time
Our solution reduced the time taken to identify vulnerabilities by **90%**, translating to tremendous cost savings on operations and quality assurance.
Other Benefits
1. Greatly Improved Release Times with Automated Security Checks
2. Higher Velocity of Development and Maintenance Enabled by Lower-Risk Use of Open Source
3. Reduced Friction Between Security and Development Personnel
4. Improved License Compliance and Risk Management with Regards to Open Source Use
5. Legal Defensibility in Case of a Breach

Start Securing with Scantist
Protect yourself from known vulnerabilities in the open-source components that can make up 90% of your code, with an automated solution that detects and remediates vulnerabilities while increasing the productivity of your valuable developers, with no security expertise required.