One of India’s largest ridesharing platforms built a collaboration tool, Jackhammer, to enhance security within the organization. Today’s threat landscape is so advanced and terrifying that cybersecurity is no more an afterthought for big or small companies.Research firm Gartner predicts that global cybersecurity spending will reach USD 86.4 billion in 2017, and is expected to grow to USD 93 billion in 2018.Ola is one of India’s largest and most popular platforms for ridesharing that allows customers to book cabs, bikes, shuttles, and autos using a mobile application. The Bangalore-based company wanted a robust security tool that would bridge the gap between the security team, developers, QA, TPMS and senior management to have clearer insights and visibility into the security hygiene of the company, and allow continuous integration and fast paced deployments throughout the day. Integration made easy The organization developed Jackhammer, a collaboration tool with an inbuilt vulnerability management capability, which could also do static and dynamic code analysis. Ola’s security engineering team built the whole project from scratch.Mohd. Shadab Siddiqui, head-Security at Ola, is confident that the suite is capable of analyzing code, web apps, mobile apps, network, and content management systems via combinations of various proven tools. “It also uses machine learning and the reports generated are available to developers or security teams so that users get a comprehensive view of what their business unit looks like in terms of security,” he says. Highlighting one of the best features of the suite, he points out, “The tool is easy to understand regardless of who you are: Developers, QA, senior leadership or security team.”It is also allows scalability and it’s capable of integrating new tools. “We have a dockerized orchestrator model where a user can individually scale the tools plugged into the suite and the orchestrator automatically load-balances the tools via maintaining a whole registry and therefore the scans are all running in concurrent mode. Moreover, every tool runs in its own sandboxed environment so that the user need not worry about any conflicts of tools and environments,” Siddiqui explains. Standardized security“The suite plugs into the CI systems and Git via hooks, so that the user has complete control over changes taking place in the repository. The entire suite is designed to make security a standard, he points out.As it is an open-source platform, security engineers as well as senior leadership can have a view of everything going on within the organization.Also, it is integrated with advance alert systems that can send alerts in the form of SMS, email, Slack, and Pagerduty, etc. “It has an integrated vulnerability manager, which can be plugged in to ticketing systems like Jira so that nothing slips through the cracks,” adds Siddiqui. Related content brandpost Sponsored by AWS in collaboration with IBM How digital twin technology is changing complex industrial processes forever As the use cases for digital twins proliferate, it is becoming clear that data-driven enterprises with a track record of innovation stand the best chance of success. By Laura McEwan Dec 05, 2023 4 mins Digital Transformation brandpost Sponsored by AWS in collaboration with IBM Why modernising applications needs to be a ‘must’ for businesses seeking growth Around one-third of enterprises are spending heavily on application modernisation and aiming for cloud native status. The implications for corporate culture, structure and priorities will be profound. By Laura McEwan Dec 05, 2023 5 mins Digital Transformation opinion 11 ways to reduce your IT costs now Reorienting IT’s budget toward future opportunities is a big reason why CIOs should review their IT portfolios with an eye toward curbing unnecessary spending and realizing maximum value from every IT investment. By Stephanie Overby Dec 05, 2023 11 mins Budget Cloud Management IT Governance news analysis SAP faces breakdown in trust over innovation plans The company’s plan to offer future innovations in S/4HANA only to subscribers of its Rise with SAP offering is alienating customers, user conference hears. By Peter Sayer Dec 05, 2023 6 mins SAP Cloud Management Innovation Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe