How Simpson Strong-Tie’s CISO Moved from Annual Snapshots to Continuous Application Coverage
How Simpson Strong-Tie's CISO replaced annual pentest snapshots with continuous application security coverage from Novee — finding what manual tests missed.
Simpson Strong-Tie is the world leader in structural building products, supplying engineered connectors, fasteners, anchors, and lateral-force resistance systems trusted across residential and commercial construction worldwide. When VP Cybersecurity and CISO Matt Harless set out to harden the company’s growing portfolio of customer-facing software solutions, a once-a-year pentest wasn’t going to cut it. He needed continuous coverage, and confidence that what was being tested actually reflected what attackers would find.
“Before Novee, we were getting a snapshot once a year. Now we have continuous coverage across our application portfolio, we’re already finding things that prior manual pentests missed completely, and I have real confidence that our security posture reflects what’s actually in our environment.”
— Matt Harless, VP Cybersecurity & CISO, Simpson Strong-Tie