Supreme Lending Enhances API Security with APIsec

By integrating APIsec into its vulnerability management program, Supreme Lending significantly enhanced its API security testing capabilities, ensuring comprehensive coverage and real-time risk management. This collaboration led to efficient deployment and quick time to value, proving the effectiveness of proactive and continuous API security measures in protecting sensitive data in a highly regulated industry.
Published: 
June 1, 2024
Read Time:
5 minutes

The Business Impact:

100% automatic daily coverage

From 20% manual coverage in less than the first 30 days

3 weeks to 2 hours

Improve time to deploy from 3 weeks down to 2 hours

100% vulnerabilities to development

Deployed in 30 days

Mark Nagiel

Mark Nagiel

CISO, Supreme Lending

"Comprehensive API security testing can be a big challenge. Not only are there dozens of security categories that we wanted to test for, but it was also important that we were running tests every time the code changed. Our primary focus with APIsec has been the thorough nature of the way the scans are executed. We are now confident in the breadth, depth, and cadence of the API security testing portion of our vulnerability management program.”

About Supreme Lending

Company: Supreme Lending
Founded: 1999 by Scott Everett
Industry: Mortgage Lending
Recognitions:

  • “Best Places to Work” by American City Business Journals (past five years)
  • Inc. 500/5000 company (five consecutive years)
  • Top 100 Mortgage Companies in America by Mortgage Executive Magazine (2013, 2014, 2015)

Supreme Lending is a full-service mortgage lender dedicated to helping individuals secure the right loan for their homes. Their mission is to provide exceptional home-buying experiences and foster lifelong customer relationships.

Business Challenges

Supreme Lending operates in a heavily regulated industry where the security of sensitive data is paramount. With the expansion of its API usage, the company recognized the need to enhance its vulnerability management program to include comprehensive API security testing.

Key Requirements

  • Run comprehensive API tests during development and in live production environments.
  • Integrate seamlessly with their existing CI/CD pipeline.
  • Provide detailed, actionable reporting for executives, security teams, and developers.

Solution

After an extensive review of API security solutions, Supreme Lending chose APIsec for its robust, automated, and continuous API testing capabilities. APIsec integrated seamlessly with Supreme Lending’s existing vulnerability management processes, enabling real-time validation and detailed insights into API security challenges.

Features of APIsec:

  • Pre-production and continuous API testing
  • Seamless CI/CD pipeline integration
  • Comprehensive reporting and dashboards

Testing Coverage

Comprehensive API security testing can be a big challenge. Not only are there dozens of security categories that we wanted to test for, but it was also important that we were running tests every time the code changed. Our primary focus with APIsec has been the thorough nature of the way the scans are executed. We are now confident in the breadth, depth, and cadence of the API security testing portion of our vulnerability management program. ~Mark Nagiel

Speed to Value

"Through the integration process, the APIsec team was working alongside us, making it really, really simple. Across the dozens of solutions we’ve deployed, APIsec is in the top three easiest to deploy and fastest time to value.” ~Mark Nagiel

Simple to Use

"APIsec greatly simplified our API security testing process, is very efficient for our security team to use, and fits very nicely into our existing Vulnerability Management Program.” ~Mark Nagiel

Future Focus: Sustaining API Security Excellence

Looking ahead, Supreme Lending is committed to maintaining the highest standards of API security. The company plans to:

  • Expand Testing Coverage: Continue broadening the scope of API security tests to cover new functionalities and services as they evolve.
  • Enhance Automation: Increase automation within their security processes to reduce manual intervention and accelerate response times.
  • Regular Training: Invest in ongoing training for their development and security teams to keep them updated with the latest security practices and threats.
  • Collaborate with APIsec: Strengthen their partnership with APIsec to leverage new features and updates that enhance their security posture.

By focusing on these areas, Supreme Lending aims to stay ahead of potential threats and ensure robust protection of their sensitive data, reinforcing their commitment to security and customer trust.

Conclusion

By integrating APIsec into its vulnerability management program, Supreme Lending significantly enhanced its API security testing capabilities, ensuring comprehensive coverage and real-time risk management. This collaboration led to efficient deployment and quick time to value, proving the effectiveness of proactive and continuous API security measures in protecting sensitive data in a highly regulated industry.

Do you want to join Supreme Lending and some of the world’s most successful companies that rely on APIsec to protect their APIs? Contact our team today to schedule a demo or get a free vulnerability assessment.