Scribd
Upload
14 views

Case-Study Detectify

Uploaded by

John Jimenez
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
14 views

Case-Study Detectify

Uploaded by

John Jimenez
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 6

Helping Detectify

make the internet


a safer place
1Password helps Detectify make the
internet a safer place

Weak, stolen, and leaked credentials are one of the biggest risks to
business security today.

Johan Edholm

Co-Founder of Detectify

Key results

Company-wide adoption secures all endpoints

Full oversight of security and access

Automation makes workflows more efficient and secure

Founded in late 2013 by a group of self-described "white-hat hackers",


Detectify builds tools that automate security attacks and monitor websites
for vulnerabilities.

To keep the service up to date, a global network of security researchers or


"ethical hackers" find new vulnerabilities, which are then built into the
Detectify web application scanner and used in customers’ security tests.

"We take the knowledge of a small, but very skilled group, and automate hacker
attacks to help more people and businesses stay secure", explains Johan
Edholm, Co-Founder of Detectify.

Since then, Detectify has received worldwide recognition for its


award-winning security research and counts software companies such as
Trello, Spotify, and King as customers. The company is growing fast, and
after raising 31.2 million USD of funding, that trajectory looks set to
continue.
Finding freedom from password fatigue
As Detectify grew, they quickly recognized the need for a secure way to
manage the hundreds of passwords the team used every day.

"Using strong and unique passwords is one of the best ways to increase your
account security”, says Edholm. But as he points out: “you want to use your
cognitive capacity for something more useful than memorizing a ton of complex
passwords".

“So a password manager was an obvious move for us”, he says. “Using weak
passwords or reusing them isn’t an option, as it puts your business at risk”.
Detectify now relies on 1Password as the foundation of their wider security
infrastructure, using it to safely generate and fill passwords, usernames,
unique PINs, and more.

Making security convenient

1Password has a simple user interface, all the features we need, and is
very healthy security-wise – exactly the combination we were looking
for, says Edholm.

Johan Edholm

Co-Founder of Detectify

"Looking at other password managers we found different kinds of security issues


that didn't inspire confidence”. Others were secure but fell down when it
came to the UI. “They either had too many irrelevant features or lacked basic
features such as browser plugins or cross-device syncing”.

Ultimately, he says, if a tool is difficult to use, people won’t use it. "If a
password manager fails to deliver a good user experience, people might opt-out
of using it at all, or use it in the wrong way”, says Edholm.

Detectify case study 03


Facilitating workflows with security built-in
Detectify uses 1Password for more than accessing and sharing passwords.
Their technical teams use the beta feature of 1Password to one-time share
the credentials they need to build and maintain software, like tokens or
decryption keys.

“It's also useful when creating new accounts in systems where you can’t invite
someone via email, like with rabbitmq. I can just send credentials securely to the
person who needs them", says Edholm.

The team also uses the command-line tool to automate tasks and speed
up provisioning. “It's easy to write a script to create a user on a system and then
add those credentials to 1Password. Then we just log in to 1Password.com and
send those credentials to the right users”.

Gaining full oversight and control


As a security company, it’s essential that Detectify only share credentials
on an as-needed basis. 1Password gives Detectify full administrative
oversight and control over which accounts are shared and who has access
to them. This visibility makes it easy to grant people access to the
information they need to work, while keeping everything else private and
protected.

We create specific vaults for different teams for cases where you can’t
have multiple users, for example, routers, encrypted files, or similar, and
use 1Password for certificates and private keys as well.

Johan Edholm

Co-Founder of Detectify

Detectify case study 04


Detectify also uses shared vaults for the everyday credentials their teams
need access to, like the office entry code or the WiFi password.

“And the two-factor authentication view in Watchtower is really useful. We can


quickly see a list of services that support two-factor authentication (2FA) and
easily check if we have it enabled for those services”, Edholm says.

With 1Password, Detectify empowers its teams to collaborate safely and


work with increased agility. These new workflows, streamlined
administration, and increased security oversight help the company deliver
the award-winning security their growing list of high-profile customers
expect.

Detectify case study 05


COMPANY
Detectify helps you stay on top of security and build safer web
applications. The Sweden-born cybersecurity startup offers a website
vulnerability scanner powered by the crowd.
INDUSTRY
Security, Technology
USE CASES
1Password command-line tool

Watchtower

You might also like