The problem
A payment processor’s most valuable asset is a reputation for trust and security. The manifestation of that reputation is its PCI accreditation. Without it, they’re simply out of business.
To maintain that accreditation, companies are required to perform regular penetration testing and fix any issues immediately. It was during this routine testing that the payment processor ran into its worst nightmare: more than 100 critical issues, all requiring major development remediation. They brought in experts to help, but things only got worse. Large portions of code were damaged in the attempt to fix the problems, and, after a full year and millions of dollars, the number of critical issues had actually increased by 20%.
With just six months left before they would lose their accreditation (and their business), the company added RedShield to the team.
The solution
RedShield started by targeting the application with the most issues, and proposed a shielding trial. The payment processor supplied the relevant penetration test report, and gave RedShield 72 hours to address the issues. Well before the deadline, RedShield demonstrated that the shields repaired 20 of the 22 penetration test findings.
Over the course of the next three weeks, RedShield addressed issues with more than a dozen applications, resolving all of them.
The results
RedShield was able to solve more than 100 critical issues that had previously stumped teams of software developers, system integrator engineers, and WAF services. The payment processor passed its PCI audit with flying colours.
“We thought we had chosen the safe option with big vendors with lots of capability and specialists. In the end, it turns out that, due to RedShield’s singular focus on our sort of problem, they actually have more experience and capability than the big guys. Thanks RedShield— you got us out of a really difficult situation.”
— Payment Processor Executive
