
How Medmo uses pentesting to eliminate security risks and win enterprise healthcare customers

Medmo is a healthcare platform for medical imaging, providing workflow solutions that simplify care for providers and patients. To gain customer confidence in handling patient health information, Medmo’s information security compliance needs to be top-notch.


CHALLENGE

Meet complex compliance needs with a lean team

Barak Poker, Medmo’s CTO, had big compliance requirements. As the business scaled to serve larger organizations, Barak needed proof that their product was secure.

To strengthen the company’s security posture, Barak needed to identify and remediate any potential security risks. He also needed the company’s documentation organized so the team could complete its SOC 2 audits, maintain ongoing HIPAA compliance, and be better prepared for audit requests. But Barak couldn’t do it alone.

At growth companies, you don’t have the luxury of having someone fully dedicated to compliance. Usually that falls on someone like myself or someone in operations.

Yet compliance is a fundamental pillar for a company of any size.

Barak Poker

CTO

Medmo


SOLUTION

Medmo chooses Thoropass to conduct pentesting and close security gaps

Barak engaged Thoropass as a comprehensive compliance partner to conduct penetration testing and ensure readiness for both the SOC 2 and HIPAA frameworks. With a team of experts and an easy-to-use platform that streamlined the process, Barak found the support he needed to ensure the Medmo product was audit-ready.

“They fully understood what our application was, what our stacks were, what the breadth of each application was. I was really impressed by their organization and professionalism in terms of all their communications,” said Barak Poker, CTO at Medmo.

Thoropass’s experienced pentesters found several optimization opportunities, which were mostly focused on internal applications requiring high-level credentials. With Thoropass’s detailed reports and recommendations, Barak’s team was able to immediately run patches to optimize and further secure the Medmo platform.

If you do a pentest and they come back with zero vulnerabilities, that means the pentesters didn’t do a thorough job. There are always going to be vulnerabilities, so I wasn’t surprised that they did find opportunities for improvement.

When the focus areas came in, Thoropass reported them immediately in a very detailed way, so it was crystal clear what needed to be enhanced.

Barak Poker

Medmo

RESULTS

Improved security posture opens the door to larger customers

Partnering with Thoropass allowed Barak to mitigate potential security risks and open the doors to new, larger customers. Now, when healthcare organizations ask for evidence of Medmo’s compliance, Barak has reports at the ready.

Working with Thoropass has 100% helped us formalize our security posture.

We are now in a position to work with the largest organizations and respond to a lot of the audits that we’re now prepared for.

Barak Poker

Medmo

LOOKING AHEAD

Staying ahead of vulnerabilities with ongoing compliance monitoring

With ongoing compliance monitoring from Thoropass, Barak and his team know exactly what steps to take to keep risk at bay. Customers and stakeholders alike can have confidence in Medmo’s cybersecurity strategy.

The Thoropass platform and team really helped lay out the Venn diagram of what needs to be done for both SOC 2 and HIPAA.

It made it crystal clear for us to know what our roadmap is, what tasks we have to do, and where we stand in terms of our compliance. It’s the combination of the platform and the Customer Success Manager that make it a great product.

Barak Poker

Medmo


Location: New York