Challenge: Security and customer satisfaction
“ClickFox is the only customer journey analytics platform certified on Hadoop. Our product mission is to enable the business analysts of our clients to easily perform complex journey science and enable them to monetize data by gaining a deep understanding of what their customers are experiencing,” explains Tim Friebel, ClickFox vice president, product marketing officer.
“For example, a customer might be trying to make a payment on a service provider’s website and runs into an issue, then picks up the phone and works his way through an automated system to speak to a service rep. ClickFox automatically collects and connects the data from these disparate systems—such as websites, mobile devices, interactive voice systems, and customer relationship systems—into journeys and exposes the granular details that led to that journey, with the ultimate goal of improving customer satisfaction, reducing operational costs and increasing revenue.”
The IT and enterprise manager for ClickFox is Zachary Johnson, who manages the company’s IT, systems engineering, and networking teams. One of Johnson’s responsibilities is to lead a cross-functional team of ClickFox representatives from their DevOps, security and product groups for weekly reviews of Black Duck’s open source code security scans.
“Due to the nature of our work, we rely heavily on the open source community,” says Johnson. “From both a security and a customer satisfaction standpoint, we want to make sure that the code we deliver to customers is free of vulnerabilities and potential licensing problems and is the best code possible. Many of our customers also use Black Duck and we want to be sure we’re catching code vulnerabilities before they do."
Results: True insight into open source being used
“Although we knew we used a huge variety of packages from the open source community, we were still definitely surprised when we began using Black Duck to find the variety and breadth of open source that our product incorporates,” says Johnson. “What is really nice about Black Duck is that it shows us all the places where open source is being used in our code. Black Duck is the only tool we’ve found that will give true insight into the open source used in your code. It not only presents you with vulnerabilities but provides remediation tips from a central, easy-to-use portal.”