Skip to main content

Exposed to Potential Risks, a Global Airline Group Switched to Automated Vulnerability Intelligence Program

article banner

Overview.

Headquartered in London, our client is one of the world’s largest airline groups with 598 aircraft flying to 279 destinations and carrying around 118 million passengers every year. The airline struggled with scattered vulnerability and patch management across different suppliers which made it prone to serious security breaches. The airline company was seeking a partner who could offer deep domain industry expertise in vulnerability management to nullify cyber threats. Coforge pitched in with a comprehensive vulnerability management program to address the specific requirements of the airline company.

Challenges.

Different Suppliers for Patch Management

The airline company had various operating companies under its umbrella. Different suppliers were handling the vulnerability & patch management for these OpCos (Operating Companies). As a result, the company fell short of complete transparency and control over environmental risks.

Issues With PCIDSS Compliance

Due to inefficient vulnerability management through suppliers, there were issues with the PCIDSS (Payment Card Industry Data Security Standard) audits.

Long Patching Cycle

The client was witnessing a staggering number of false positive vulnerabilities identified in every scan coupled with a longer patching cycle extended to 90+ days.

The airline company wanted a trustworthy partner who could deliver the services using customers’ existing tools and coordinate with the foregoing vendors for penetration testing.

Solution.

  • Devised a comprehensive vulnerability management program that can be deployed throughout the organization along with addressing the specific requirements of all the OpCos.
  • MASTER framework for transformation of vulnerability management program via pre-designed use cases and scenarios.
  • Integrated a vulnerability intelligence platform for real-time threat modeling.
  • Designed and implemented a centralized dashboard for the entire IT environment of the customer.
  • Quarterly consultation workshops with industry experts.

The Impact.

  • Automated scanning and risk-based vulnerability management program
  • Upgraded security policies and control for improved remediation
  • Centralized risk management dashboard for a unified view
  • Cut down false positives from 61% to 43% within the first quarter
  • Marked down vulnerability cycle from 90+ days to 60+ days
  • Real-time vulnerability alerts through threat intelligence platforms
  • Near zero service transition

If you are looking for an experienced partner who can help you with a precise vulnerability management program that fits your company’s unique needs, we are just a message away. Fill out this contact form and our team will reach you.

Bring us your challenge.

Let’s Coforge your next success story.

Related reads.

WHAT WE DO.

Explore our wide gamut of digital transformation capabilities and our work across industries.

Explore