BMW had a cybersecurity problem: The luxury car maker has a huge number of applications, and it needed to penetration-test them all. The thing is, those tests are both expensive and time-consuming. The road ahead was clear: It had to get to automated security tests. During Android development, their developers couldn’t provide the penetration tests continuously during software development — rather, they could only deliver those pen tests at the end of a software delivery life cycle.

In this video interview, Brono Korenko, IT Specialist of Test and Automation at BMW, explains how the company managed to grease the wheels on securing its application by shifting left with Contrast. “Now, because we are able to speed up our our application security testing, we are able to replace the security tests from the end of the software delivery life cycle to the beginning and during the whole life cycle,” Korenko explained. “It means we are able to provide more security tests in a much shorter time, and we are able to ensure security even on the local developer machine during coding and to avoid uploading code with vulnerabilities to BitBucket or GitHub.”

What that  means: BMW is increasing security quality and accelerating security tests — and, to top it off, it’s saving money. After all, penetration tests are pretty expensive, he notes. “We are saving a lot of cost, and a lot of effort, for penetration tests,” Korenko says.