Case study
Coana Case Study: How GAN Integrity Cut 90% of Vulnerability Noise to Focus on Real Threats
Highlights:
Coana filters out up to 90% of false positives, allowing GAN Integrity to focus only on actionable vulnerabilities.
Security workflows are streamlined without sacrificing rigor, freeing engineers to deliver more value to customers.
Reachability analysis replaces noisy scanning with high-signal results across GAN Integrity’s open source footprint.
Coana's team quickly incorporated feedback, helping GAN Integrity tailor the tool to fit their security processes.
This case study was originally created for Coana. Coana is now part of Socket.
In the world of ethics and compliance technology, GAN Integrity stands out for its high commitment to safeguarding sensitive data. As every other modern software company, GAN Integrity is relying heavily on open source packages, leading to significant challenges in responding to vulnerabilities. For GAN Integrity, traditional SCA tools or vulnerability scanners were falling short, creating a high volume of false alarms that complicated their security processes.
The Challenge: Improving signal-to-noise ratio#
For GAN Integrity, the need to streamline the vulnerability management process was crucial. As Casper Guldberg, VP of Engineering, explains,
“We were dealing with a large amount of noise in our vulnerability scanning processes. It was essential for us to find a solution that could accurately differentiate between real threats and false alarms.”
The Solution: Reachability analysis to streamline application security efforts#
The search for a more effective tool led GAN Integrity to Coana. Coana's reachability analysis provides a game-changing approach, allowing GAN Integrity’s security team to filter out irrelevant security alerts efficiently. By using Coana, the team is able to focus on genuine threats, which significantly improves their vulnerability management process without compromising security.
The Impact: Operational efficiency without compromising security#
The integration of Coana has been significant, allowing GAN Integrity to reduce the noise of the vulnerability scanning with approximately 90%.
“Coana has automated a critical part of our security process, allowing us to confidently ignore a large number of false positives,” says Guldberg. “This shift has streamlined our operations allowing us to stay secure while diverting fewer resources from generating value for customers.”
In a standard application, between 80% and 95% of the results reported by traditional vulnerability scanners are false alarms.
The Partnership: Coana’s dedication to GAN Integrity’s mission#
For GAN Integrity, what sets Coana apart is not just its technological capabilities but also its customer-centric approach.
“Coana stands out due to their responsiveness to our feedback and continuous improvement based on our needs,” Guldberg notes.
This collaborative relationship has been key to the successful integration of Coana into GAN Integrity's processes.
Looking Ahead: Exploring the full potential#
GAN Integrity is eager to explore the full potential of Coana. The advanced technical capabilities offered by Coana, combined with their responsive customer support, ensure a promising and enduring partnership.
GAN Integrity’s journey with Coana is a testament to the significant impact an SCA tool with reachability analysis can have on a company's operations. For businesses looking to enhance their application security with a focus on operational efficiency, GAN Integrity's experience with Coana provides a compelling example.
Interested in Socket for your organization?
Schedule a demo with our team and try Socket.