About Brightidea

Brightidea is an industry leader in innovation program management software. Brightidea is passionate about innovation, believing it’s the lifeblood of progress, advancing the human condition, and improving the world around us. To that end, they’ve set out to accelerate the success of innovation by empowering those behind it with advanced software to facilitate and streamline the ideation process—and the collaboration it thrives on.

For more information, visit brightidea.com.

NetSPI Solutions

Penetration Testing as a Service (PTaaS)

Industry

Software

Employee Count

1-200

Headquarters

California, United States

The challenge

Brightidea has engaged with NetSPI since 2014 for web application pentesting for their SaaS (Software-as-a-Service) application that they develop and sell.

Their main goal is to have a clean bill of health for their product from a cyber security perspective. Brightidea moves quickly to roll out new product features and enhancements, meaning there’s a lot to keep track of and ensure there are no vulnerabilities or cyber security concerns. The cyber security team is continually trying to keep up with the fast pace of development and support the existing product.

Feliks Beygel, Director of Cloud Operations at Brightidea, feels much better about Brightidea’s cyber security posture today, especially as they have prioritized cyber security and privacy. When they first started testing with NetSPI, there were a lot of critical and high findings, but they have focused on remediating all findings as quickly as possible to obtain a clean bill of health report. And each year, they have fewer and fewer findings.

NetSPI’s pentesting has been the primary security validation for Brightidea and the third-party report has become a critical part of their sales process and overall security position.

Why Brightidea continues to work with NetSPI

  1. Better results: Compared to other penetration tests BrightIdea has conducted, NetSPI delivers better results and fewer false positives. NetSPI finds actual real vulnerabilities and doesn’t report false positive issues that waste precious time and energy of the Brightidea team to comb through and validate.
  2. Clear, digestible report makes a smooth path to remediation: “The format, quality and detail of the results report we receive from NetSPI has exactly what we’re looking for,” said Feliks. “The report includes clear evidence about each vulnerability, how to replicate each one, and we don’t typically need to ask for clarification. This makes our path to remediation clear, quick and easy.”
  3. Customer satisfaction: Brightidea sells their SaaS product to hundreds of leading global brands, including Accenture, Bayer, Cisco, GE and MasterCard – and their customers are satisfied with the penetration testing and clean bill of health report provided by NetSPI.

Considering working with NetSPI? Here’s what Feliks would tell you

“The results we’ve received from NetSPI are higher quality – they’re real issues and not just automated scan results. A lot of times, we feel other pentesting companies run an automated scan and just send us a report full of false positives or non-material issues,” said Feliks.

“Since the results are a much higher quality, our team doesn’t have to spend significant time filtering through the results. We only get the important issues – so our time and energy are focused on what matters.”