Unify
Munich, Bavaria, Germany
10,001+ Employees
Unify is one of the world's leading communications software and services firms, providing integrated solutions to approximately 75 percent of the Fortune Global 500 companies. The solutions they offer unify multiple networks, devices and applications into one easy-to-use platform that allows teams to engage in rich and meaningful conversations. Unify has a strong heritage of product reliability, innovation, open standards and security.
Unify develops web-based products, and also provides security services and penetration tests. For a company that is proud of its 160 years of experience in communications technology, it cannot afford to ship vulnerable web applications or not identify all vulnerabilities on a customer's web application during a penetration test.
To retain its healthy customer base and ensure growth, Unify leads by example: the tools that its security professionals use to scan the web applications that are shipped with their own products are also used for all customers' penetration tests. By doing so, Unify also ensures that all customers get the best possible service: one that they trust themselves.
Some years ago, Unify security professionals used to perform manual penetration tests. However, as both their products and customers' web applications grew and became more complex, they needed security tools to keep up with all the new web development frameworks, as well as the growing demand.
By using the right security tools, Unify's security professionals could automate most of the processes and, at the same time, confirm that all potential attack surfaces of a web application were identified. Therefore, by combining manual testing and automated scans Unify's security team could not only save on time and costs, but would also ensure that no stone was left unturned, and that all vulnerabilities and security flaws were identified.
Finding the right web application security scanner is not easy when you need to scan thousands of websites and web applications that are built with so many different web frameworks and run on a variety of web servers.
Considering the urgency of the matter, Unify's security professionals opted for a popular commercial tool, though it soon let them down because of the high amount of false positives it reported. False positives are a big productivity killer, because rather than relying on the scanner's results you have to verify its findings, hence losing all the benefits of automation.
Unify's security experts decided to dig deeper into automation technology.
Unify has been using Netsparker Web Application Security Scanner for almost four years. They scan at least thirty web applications per month and this number is expected to grow. Such a strong partnership could not be possible without outstanding product support, especially in this complex and always evolving industry.
Netsparker has become a valuable tool in Unify's security toolbox. It enables its security professionals to efficiently scan their own web applications, as well as their customers', to highlight the most important security threats before the manual tests complete the penetration test.
Unify is a global communications software and services company. They unify their customers' communications systems. By synchronizing technologies, creating an engaging user experience and weaving communications seamlessly into the way businesses operate, they empower an increasingly mobile workforce to work better together. The result is a transformation of how the enterprise communicates and collaborates that amplifies collective efforts, energizes the business and drives better performance.
“Netsparker are not just another vendor from where we purchase any other software, they are like business partners. We have to trust their products do a good job to ensure the security of our cloud-based platforms, else our business’ reputation could on the line. And Netsparker have earned such trust.”
Read the RPM"As opposed to other web application scanners we used, Netsparker is very easy to use and does not require a lot of configuring. An out of the box installation of Netsparker Web Application Security Scanner can detect more vulnerabilities than any other web application..."
Read the ING“We like Netsparker not only because it is able to be configured quickly, but also the scans themselves are completed quickly, reliably and without false positives (a large timesaver in and of itself).”
Read the Sumeru