Internal pentest reports filed by a large government agency's divisions consistently indicated no major vulnerabilities found. Yet, one of those divisions found itself in the headlines for a major cyber breach. Synack was engaged to help because of the power and flexibility of its security testing platform. Approximately one-third of the 1,150 vulnerabilities found by Synack were of a high or critical severity. Based on these and other findings, the agency was then able to improve its Approval to Operate (ATO) process, an internal checkpoint before application deployment, which further reduced its potential attack surface.
