East Ayrshire Council have over 5,000 employees and a vast IT infrastructure. They needed a tool that could scan their internal and external environments, with a price tag that was right for a local authority. Read on to find out how AppCheck could help.

Who are you? Tell us a bit about yourself.

East Ayrshire Council covers almost 500 square miles with a population over 120,000 which is spread over rural and urban communities. As a local authority we have over 5,000 employees and a vast IT infrastructure.
Our ICT Security team has overall responsibility for securing the East Ayrshire Council infrastructure.

What was the business need for AppCheck?

At the time, PSN accreditation was an annual requirement for all councils. We had a yearly health check which included manual penetration testing.
We had a demo of AppCheck as we knew this could scan internal and external environments and we liked the tool. The pricing was right, which is always great for a local authority.

What were your main challenges with security before AppCheck?

Our existing internal vulnerability tool alerted us to the existence of some vulnerabilities, but not all.
Using AppCheck we can now scan our full estate whenever required, check before we take any remediation and stay on top of vulnerabilities before they have chance to become a problem for us.

Why did you choose AppCheck over other vendors?

We compared AppCheck to our existing vendor through the free trial option and realised that it had functionality that our existing product did not.
We started off with the web application scanning tool and, as things moved on, started using the internal infrastructure scanners, all of which was updated frequently.

Sum up your experience with AppCheck in one line

AppCheck provides us with excellent visibility and gives us full coverage of our external and internal assets.

What has been the impact of using AppCheck?

AppCheck provides great visibility of vulnerabilities in our estate and how to remediate them.
You can leave it to run the scans, it’s fairly unobtrusive – it just runs in the background.
We just set up scheduled scans, they complete with no issues, just running in the background and not requiring too much TLC.

What is your favourite thing about AppCheck?

Definitely the internal scans, as we can now see our internal assets – this gives us a much wider scope.
We can use the results to identify which part of the team needs to deal with the specific issue AppCheck finds and can assign actions through the tool. AppCheck gives us a lot of information and great remediation advice on how to fix vulnerabilities.

What advice would you give to other companies looking to manage vulnerabilities?

Scan regularly, review the scan and take action on the scan. Regular testing is the only way you’re going to discover vulnerabilities and deal with them before they become a problem.

Download the PDF here

Further information

If you feel your organisation could benefit from regular vulnerability scanning then why not take a free trial scan? Simply click the link below to get started.