A case study about security
automation and AppSec effectiveness
Founded in 2010, Trendyol has grown to be the largest e-commerce company in Turkey by reaching the decacorn status in 2021. After the investment of Alibaba in 2018, the company also started to serve in many European countries and expanded into new lines of business such as second-hand clothing and on-demand delivery. Massive operations and rapid growth of the tech team required an efficient and scalable AppSec program to keep up with the speed of company growth accompanied by a proliferation of applications.
With development teams growing each day, it was frustrating for security teams to make sure applications were shipped to production without exploitable vulnerabilities. Manual processes were time-consuming and with security and development teams working in silos, the lack of collaboration hindered security from being an integral part of software development processes.
A plethora of findings discovered by various automated tools and manual activities were scattered across different interfaces which were challenging for the security team to keep up with.
That is when our paths crossed with Trendyol security team and with their vision to support promising start-ups in the security space, we started working together to find creative solutions to their problems.