Complete Genomics uses Arnica to automate AppSec vulnerability management within FDA & HIPAA compliance.
How Complete Genomics Evolves Their AppSec & Compliance Programs with Arnica
Complete Genomics is a global life sciences company specializing in genome sequencing technology. As a producer and developer of genome sequencers, the company operates within a highly regulated environment, needing to comply with FDA and HIPAA regulations, particularly in cybersecurity and software development.
Costly AppSec Solutions with Integration and Compliance Challenges
Complete Genomics encountered significant challenges in securing its software development while ensuring compliance with stringent FDA and HIPAA regulations. This need became even more pressing when the company shifted its software development and manufacturing operations from overseas to the United States, necessitating tighter control over its source code and regulatory adherence. To address these challenges, the organization implemented a security strategy grounded in OWASP's guidance and aligned with the NIST Secure Software Development Framework (SSDF), reinforcing its commitment to robust security and compliance.
They initially explored GitLab Ultimate but found it ineffective in detecting vulnerabilities, requiring extensive configuration and retraining of engineers. Additionally, they needed a cost-effective solution that could seamlessly integrate with their existing Bitbucket repositories without disrupting developer workflows.
According to Maxim Hudaley, CISO at Complete Genomics, ensuring automated vulnerability management, maintaining security standards, and optimizing costs were the key obstacles that the organization needed to overcome in their search for an application security solution.
Key Challenges:
- Regulatory Compliance: Since genome sequencing involves sensitive health and personal data, Complete Genomics needed to meet strict cybersecurity and compliance standards for secure software development.
- Transition to US Operations: The company previously conducted software development overseas but shifted manufacturing and source code control to the United States for compliance and to improve innovation.
- Managing Software Development Securely: They needed better visibility and control over source code, including vulnerability management, without disrupting existing developer workflow.
- Evaluating Security Solutions: Initially, Complete Genomics trialed GitLab Ultimate but found it ineffective in detecting vulnerabilities; it required extensive configuration and significant training for engineers.
- Need for Seamless Integration: They required a solution that could integrate with existing Bitbucket repositories without extensive retraining or migration of source code to a new platform.
- Cost-Effectiveness: Budget considerations were crucial, as alternative solutions were significantly more expensive.
Arnica Offers a Trusted, Flexible Security Solution
Complete Genomics discovered Arnica at the OWASP Global AppSec conference, where its capabilities quickly stood out among a sea of competitors. After engaging with Arnica, Complete Genomics found that it integrated directly with Bitbucket, enabling rapid deployment and accurate, AI-driven automated security scans.
- Better Vulnerability Detection and Mitigation: Unlike the previously evaluated solution, which missed key code risks, Arnica identified and flagged the most important security risks at the time code is pushed, so teams could address them early and mitigate them through developer-native workflows.
- Seamless Integration and Improved Developer Experience: Arnica connected directly to Bitbucket, eliminating the need for developers to switch platforms or sit through hours of costly training.
- Rapid Deployment: Implementation of Arnica took just one hour, compared to many hours of implementation calls and a prolonged trial process with GitLab.
- Operational Efficiency and Automated Security Scans: Continuous, AI-driven scanning detected vulnerabilities efficiently and integrated with their existing collaboration tools, including JIRA and Microsoft Teams, streamlining management and speeding up resolution of security issues without disrupting workflows.
- Cost Savings: Arnica offered a competitive pricing model, significantly reducing security costs while improving efficiency. Compared to alternative solutions, Arnica was up to five times more cost-effective, saving thousands of dollars.
Encouraged by their success with Arnica, Complete Genomics plans to expand use across upcoming projects. The company is growing and aims to hire more software engineers, enhance security practices, and integrate Arnica into additional software development initiatives including new product lines to ensure ongoing compliance and security.
By adopting Arnica, Complete Genomics successfully secured its software development process, improved compliance, and optimized value. Arnica's seamless integration, fast deployment, and automation provided a scalable security solution that met the company's needs. As Complete Genomics continues its expansion, Arnica remains a critical partner in ensuring secure, efficient, and compliant software development.