Business Challenge 

A significant portion of Wizz Air’s ticket sales takes place through the wizzair.com website. Due to the extremely high transaction volume, strict regulatory requirements, and integrated payment solutions, ensuring security and operational stability is of utmost importance. 

Traditional security practices, however, often slow down development and delay the release of new versions. Therefore, the client sought a solution that would provide comprehensive security coverage — across source code, dependencies, and containers — without compromising development speed. 

Solution

Abesse is implementing a layered DevSecOps strategy built upon a comprehensive assessment and analysis of the existing development and operations processes, security controls, and business requirements. 

The solution is built upon the following key security pillars: 

• SCA and license compliance – automatic scanning of external dependencies used during development to identify vulnerabilities and legal risks early. 

• SAST – static application security testing based on customizable rules, capable of detecting code flaws and insecure patterns before the build phase. 

• Secret detection – prevention of sensitive data (e.g., passwords, tokens) leakage within source code, configuration files, and infrastructure definitions. 

• IaC security – scanning of infrastructure-as-code files to identify misconfigurations and potential security gaps early in the deployment process. 

• Container security – continuous analysis of container images to detect known vulnerabilities, poor configurations, and non-compliant components. 

The development processes are supported by a template-based, parameterized pipeline, where security databases, scanning rules, and configurations are loaded from a central repository. This ensures a consistent security standard across different repositories and environments, while enabling automated vulnerability detection and remediation early in the development lifecycle. 

Results

The implemented solutions provide comprehensive coverage of state-of-the-art security controls used in modern software development — including code analysis, dependency scanning, secret detection, configuration issue identification, and container vulnerability management. 

The security checks are fully integrated into the CI/CD pipelines, providing automated feedback early in the development cycle and enabling fast issue remediation without slowing down the development pace. 

The implemented software components provide a cost-effective solution even for large codebases. The established toolset and reporting framework offer clear and easily interpretable outputs for both developers and business stakeholders, enabling fast feedback cycles and improved collaboration. 

An important aspect of the solution is that all data generated during security checks remains strictly within the organization and is never shared with third parties, thereby fully complying with stringent data security and compliance requirements.