Mxi Case Study – OWASP Compliance

Executive Summary

MXI is the Ottawa-based developer of Maintenix, an aviation maintenance management software solution that many of the world’s leading airlines depend on. As MXI expanded to provide its solution to ever larger airlines in the US and elsewhere, more and more questions arose regarding the company’s adherence to application security. In order to eliminate this objection to further sales, MXI enlisted Software Secured to help:

  • Accurately assess Maintenix compliance to Open Web Application Security Project (OWASP) Top Ten.
  • Provide a demonstrable plan with accurate timelines to remediation and compliance.
  • Provide proof to their potential clients that MXI takes security seriously.

The Challenges for MXI

MXI employs senior engineers and architects with deep knowledge of the technical aspects of its solution. However, MXI was looking for a team of security experts who could identify the application security risk in large applications with multi-millions of lines of code.

They also needed to help the development team prioritize.and remediate the findings while minimizing the effect on the deliverables of the development staff.

How Product Helped

Software Secured used our comprehensive approach to application assessments, which combines web application penetration testing and security code review to assess Maintenix. The Software Secured team effectively helped MXI reach OWASP Top Ten compliance status, which led to MXI closing a deal with one of the largest operators in North America.

Using the Software Secured managed application security service, MXI was able to integrate application security into its software development life cycle, which gave the company peace of mind that clients’ data is protected from application-level attacks, as well as the the ability to show clients immediate evidence of adherence to application security best practices.

Results, Return on Investment, and Future Plans

Not only did Software Secured help MXI become OWASP Top Ten compliant, we also provided a detailed code audit and a prioritized list by risk of the issues that could lead to cyber attacks. Software Secured also provided remediation steps to fix these issues. MXI was able to provide the assurance and guarantees required by its clients. More and more customers are requesting proof that your software has no security vulnerabilities. With Software Secured on your team, you will have one less hurdle to overcome in your sales cycle.