Customer Success Stories
Magento selected RIPS technology to enhance the scanning capabilities of all Magento products. Using RIPS API, Magento streamlined its Threat Intelligence pipeline to provide automated scanning and threat identification. RIPS Tech team support is outstanding, ensuring Magento an easy set up and operational excellence.
After an evaluation, FLYERALARM selected RIPS On-Premises as the only SAST solution with a dedicated focus on the complex PHP language. FLYERALARM scans its large applications with 1.8 and 2.5 million lines of code in only 12 and 20 minutes. The false positive rate was measured to be at only 1-2%.
Security is fundamental to Datto's software development process. RIPS and its easy integration into our DevOps tools enables us to manage our risks and to detect vulnerabilities earlier in the development cycle before the code moves into production. In our evaluation we chose RIPS because it offers meaningful and accurate results for our custom API implementation as well as for popular frameworks. The continual support from the RIPS team is timely and exemplary.
We've been using SAST products from a couple of big and well known vendors but the results we were getting were little more than elaborate script searches with too much noise resulting in a painful waste of time. RIPS provides highly accurate analysis finding bugs that were not detected by the other tools.
With hundreds of contributors around the globe and over 25,000 commits, tracking possible security bugs becomes a challenge. By partnering with RIPS and by using its extensive automation and integration capabilities, we are able to add another strong layer of security testing to our code base.
Partnering with RIPS allows TYPO3 to be more efficient and find all possible attack vectors quickly. This increases our ability to have new open-source code already analyzed by RIPS before it is released to users. The TYPO3 security team is able to focus on security improvements for next versions, rather than repairing old versions.
When using a SAST tool at Core Security the most crucial features are the precision of the results, the amount of false positives, and the speed. RIPS' performance and accuracy prevails over any other SAST tool we have seen. We are happy to have found a tool that meets our expectations and, contrary to other tools, saves us time instead of increasing our work load due to false positives.
As a developer I'm aware of security risks on the internet and I'm doing everything possible to prevent abuse of the applications I'm building. With RIPS added to my toolchain I can detect more advanced security vulnerabilities myself and deliver a safer solution to our clients, improving the quality of applications one test at a time.