With Cobalt, Sentara Healthcare finds in-depth security testing aligned with healthcare requirements.
Sentara Healthcare is a not-for-profit health system serving Virginia and North Carolina, with 12 hospitals, outpatient care centers, imaging centers, and more. Sentara had interest from their cloud and DevOps teams to test new applications in development and systems the company was migrating to a cloud environment. In an industry that has recently been a big target for hackers, security is one of the most important aspects—that’s where Cobalt’s pentest solution provides visibility into weaknesses and supports remediation
Challenges
The importance of keeping customer healthcare data secure is a top priority for Sentara. To have a secure environment, organizations should have in-depth security testing, and that's where pentesting comes in.
The security team at Sentara Healthcare had received interest from their cloud and DevOps teams to do pentesting on a new application and they were looking for a solution that would integrate better with their team. After a thorough evaluation process, Sentara decided on Cobalt because of three factors: speed, availability, and communication efficiencies.
In prior cases, Sentara had to engage a company and go through a lot of paperwork–– it would take many days to even get testing started. Delays in the testing process can slow down their entire rollout and effectively cost them more money.
Delayed Rollout Process
Sentara had previously experienced delays in the testing process that slowed down their entire rollout and cost the company more money over time.
Limited Visibility
Previous companies Sentara worked with exchanged only a few email messages, contributing to a limited communication flow.
Unvetted Security Posture
In the past, not having an environment vetted and ready to be published would typically set Sentara back in its business goals.
Results
Ease of Communication
With Cobalt, Sentara was able to get testing up and running when they needed it with real-time communication, allowing them to keep pace with the rollout process.
Direct Integration
Cobalt’s Jira integration made getting findings to developers extremely easy, which helped streamline remediation efforts for Sentara.
In-depth Security Testing
Sentara found a pentest solution to keep customer data fully protected with in-depth manual testing.
Cobalt is available before, during, and after the pentesting process and to communicate in real-time if any additional security testing is needed. Sentara was able to request testing for a new system, and within a couple of days, they were ready to go. Cobalt immediately notified them about any critical findings, and the flow of communication was open for Sentara to go ahead and respond in real-time.
With Cobalt as a partner, Sentara can do direct integrations between the Cobalt system and their Jira ticketing system. This makes it easier to get findings out to developers quickly so they can be remediated earlier.
“If we get delayed on the testing process, we don't get a lot of time to fix the issues before the rollout, and a lot of times that actually delays our rollout process. Then, this effectively costs us more money because we have certain expectations from our customers, both internal and external, that an application is going to be available.”
ROBERT GEORGE, PRINCIPAL CYBERSECURITY ARCHITECT
