Search Go hack yourself with Detectify

An EASM blog from Detectify

Jesse Wojtkowiak, Pipedrive: “Detectify creates efficiency”

December 12, 2016

Pipedrive is a sales pipeline management tool that helps teams analyse their sales process and focus on what matters most. Founded in 2010, the company now helps over 30.000 customers around the globe increase their productivity and take their sales to the next level. Jesse Wojtkowiak, Information Security Manager at Pipedrive, has been working in security related environments his entire life and says the workload is higher than ever before, which is why efficient security solutions like Detectify are extremely valuable.



How did you get into security?
I was in the navy for 22 years and worked primarily in the fields of operational and physical security.  After I retired from the navy, I went back to school in Tallinn to study cyber security and start a new career.

Does security play a role in your customer dialogues?
It definitely comes up and it’s not just about security. Customers are also concerned about privacy and regulations like the GDPR.

Are people becoming more aware of security threats?
The media is doing a good job of making sure people know what’s happening, especially in America. People are affected directly by scams and credit card fraud. American credit card companies are required to protect customers and offer insurance, but that’s not the case in Europe and most of the rest of the world, so it’s also a question of responsibility.

How did you hear about Detectify?
We spend around 10% of our time researching new solutions and we found Detectify via an investment group. We took a closer look and it seemed like a tool that could work well for our application.

How do you use Detectify?
We scan our application and our blog, and we also scan behind login. We run the scans once a week and use the JIRA integration to get the results to feed automatically into production. This way, we can do a risk assessment, assign findings to developers, brief them, and monitor the resolution.

For us, Detectify is becoming more and more about security efficiency. You can do security all day long and there are just not enough hours in the day. Anything that creates efficiency is very valuable.  We feel that Detectify and Pipedrive are growing at a complimentary pace.

What is it like to work with Detectify as a company?
The communication is quick and responsive. If we come across something we don’t understand, there’s always someone who will get back to us and explain the vulnerabilities. We have tried some bigger scanners that are enterprise-focused and it can take days to talk to someone, so Detectify is a better fit for how we operate.

What are the challenges of working with security?
Not much has changed in security, there’s just more of it and the amount of time you spend working on security has increased exponentially. Keeping up with the workload is a challenge and efficiency is key. Detectify frees up more time to do other things and even simple features like the JIRA integration save time and provide so much value.

There is no silver bullet when it comes to protecting the external attack surface or your web applications. You need a modern security toolbox that leverages crowdsourced security to help you continuously monitor and scan your assets for anomalies. Automated vulnerability security tools like Detectify go well with bug bounty programs and manual pentesting by maintaining a constant level of automated security testing. See what Detectify will find in your attack surface with a free 2-week trial. Go hack yourself!