PWSLab Client Story Thoughtstar

How PWSLab supported Thoughtstar to achieve secure weekly mobile releases.

About Thoughtstar

Thoughtstar is a technology company that produces business-intelligence analytics search software. They develop business intelligence products and big data analytics platform that helps users explore, analyse and share real-time business analytics data easily.


Software Company


Product Development Security Vulnerabilities

Featured Service

PWSLab DevSecOps

Business Challenge

At Thoughtstar fixing security vulnerabilities was a slow process and was always someone else’s problem. Creating automated testing tools and remediation plans was just too hard. Thoughtstar infrastructure and applications needed an upgrade. Thoughtstar had to transition to DevSecOps or fall behind.

For a large company like Thoughtstar transforming to a DevSecOps environment was never going to be easy; it was important to start with a low-risk product. They needed to do it well, quickly and securely.

PWSLab was just the beginning

Using PWSLab security is embedded into the development workflow, developers can get feedback on the security of their code as they are working, they can remediate in real time, and free up the security team’s time to focus on monitoring issues, assessing risk, and solving vulnerabilities that can’t be fixed by the developer. By continuously testing even small, incremental code changes, an avalanche of work is avoided at the end of the SDLC.

Using PWSLab, every merge request is automatically tested using static application security testing (SAST), dynamic application security testing (DAST), dependency scanning, container scanning and license management. Vulnerabilities can be efficiently captured as a by-product of software development.

Automated Vulnerability Management Scanning

PWSLab is capable of being integrated via API with Vulnerability Scanning Tools like SonarQube for infrastructure and web application scanning. The real-time correlation of active threats against identified vulnerabilities helped identify the following:

  • What assets are subject to known exploits
  • Any new threats that may pose an immediate risk to the business


  • They began by adding security into organizational language and culture and by changing their internal security ethos. But for real success, Thoughtstar engaged stakeholders, added security skills to developers, and business skills to security pros – which all worked towards building and increasing trust.
  • Thoughtstar also added pen-testing into their DevOps process so developers could quickly fix security vulnerabilities and produce clean, secure code. They educated and empowered their team, focused on security engineering, business risk assessments and threat modelling, and they built static application security testing into their pipeline, which made a huge difference in roll-out speed.
  • Since launching DevSecOps, Thoughtstar vulnerability remediation times are down and the team is moving forward with implementing DevSecOps across the organization.
  • The benefits PWSLab DevSecOps brings to companies that embrace it are numerous, including cost reduction, speed of delivery, speed of recovery, compliance at scale, and threat hunting. The cumulative effect of these benefits is an enhanced business reputation for Thoughtstar and a smoother business model. Thoughtstar successfully removed the barriers between DevOps and Security helping them to work as one towards the enterprise business goals without friction.

Benefits Summary


Stay updated

You’ll gain visibility into the status of every software component at any time, and audit trails are automatically captured.


Security in release process

As you release more often and more quickly, you’ll need a platform like PWSLab to integrate security steps as a part of the release process.

quick deployment

Quick response time

Armed with audit trails and full visibility into both development changes and environment status, you’ll be able to respond quickly.

Get FREE DevOps Automation For Your First Project

PWSLab is a single secured solution built for complete Software Development Lifecycle from Design, Development, Testing to Deployments and Monitoring