Securing Sensitive Healthcare Data Through Comprehensive Penetration Testing

Challenge

BluByrd has a lean, security aware team with big growth ambitions. Serving the healthcare industry, BluByrd knew that one HIPAA violation would cost $100-50K per patient record and the average healthcare breach rose to $9.42M in 2021. They needed a partner who was startup friendly so they could keep moving business forward, achieve SOC 2 compliance, and get a level of assurance that their application is secure. 

Solution

BluByrd selected a penetration test provider who could help them protect confidential patient information, sensitive records, and manage their reputational risk. Software Secured’s team conducted a 3 week high assurance manual penetration test to assist BluByrd in achieving this goal. 

Having worked in healthcare for decades, we knew investing in security is the right thing to do. As I always say “Buy once, cry once” - we felt supported by the team at Software Secured throughout the entire process and know that our clients, partners and team all have assurance that our product has been put under rigorous penetration testing conditions.” 

Stephanie Jones,
VP of Operations at BluByrd 

‍

Benefits

Software Secured’s team was knowledgeable, with years of experience pentesting with some of the most trusted security brands (Trend Micro, CIRA, Forescout Technologies) combined with AWS security expertise (AWS Certified Security - Specialty, AWS Certified SysOps Administrator - Associate). Software Secured also had first hand experience building SOC 2 compliance security programs and a deep understanding of what high growth SaaS startups need to grow their security program as they prepare for their first funding round. 

Results

Software Secured lived up to their reputation of finding meaningful security risks. Their team discovered several critical vulnerabilities, immediately advised BluByrd using a shared Slack instance, and were able to retest quickly to ensure the risk was eliminated. This allowed BluByrd to do more than check the box; penetration testing with Software Secured helped them mitigate financial and reputational risk that all growing SaaS firms face. 

Focusing on SOC 2 compliance means I’m constantly balancing security and compliance requirements. Knowing we selected a Canadian pentest partner who actually cared about us meeting our SLAs and learning more about secure coding practices made the work feel less lonely. Like we had a partner we could depend on.” 

Kristi Schneider,
DevSecOps Lead at BluByrd