Crypto Derivates Platform BitMEX recently collaborated with Zühlke to enhance their application security program. This partnership focused on refining BitMEX’s security operations and prioritizing new application functionalities, with a particular emphasis on integrating DevSecOps processes across their development pipeline.
The initiative was driven by the need to adapt to the changing security landscape and the fast pace of software development. BitMEX, known for its stringent security measures and having never lost cryptocurrency assets, recognized the necessity of updating their security testing methods.
Zühlke’s role was significant in helping BitMEX transition from ad-hoc security testing to a systematic DevSecOps model within 12 months. They assisted in implementing integrated security testing processes, training developers in secure coding practices, and establishing a secure, functional CI/CD pipeline.
The collaboration’s objectives also included introducing comprehensive application security testing and a “shift-left” approach in security testing. This approach aimed to incorporate security considerations early in the software development life cycle.
Another aspect of the partnership involved deploying asset security controls and adopting configuration-as-code, which enabled BitMEX to prioritize threats and consistently monitor for suspicious activities.
The project aimed to balance maintaining high security with supporting rapid software development. Florian-Alexandre Bielak, Chief Information Security Officer at BitMEX, noted the importance of the right team and processes in strengthening their security ecosystem.
“With the right people, a refined set of processes and a selection of consolidated security tools as the linchpin, BitMEX was able to construct a stronghold that amplifies the effectiveness of our overall security ecosystem,”
said Florian-Alexandre.
This cultural shift empowered BitMEX to move away from a “click-ops” model, where governing change controls becomes more manageable as complexity grows.
Kaushal Silva Ranpatabendige, the Lead Engagement Manager at Zühlke, also pointed out the shared culture of empowerment and collective success between the two companies.
“The culture at BitMEX is one very similar to Zühlke. We are a team that is empowered to speak up with courage, challenge and be challenged, and always put the success of the entire organisation first,”
went on Kaushal.
Overall, the partnership between BitMEX and Zühlke marked a notable shift for BitMEX in enhancing its security measures and development processes in just over 12 months, aligning with the evolving demands of the cryptocurrency market and security standards.
