Leading Imaging Manufacturer Resolves 186 AppScan Violations with Origina’s Help

CASE STUDIES

3 min read

Previous Case Study

Trustmark National Bank Cuts IT Costs and Gains Control with Independent Software Support

 Next Case Study

Origina Solves HCL Domino Defect: Independent Solution Rolled Out Regardless of Version or Support Level

CUSTOMER PROFILE

A household name in its field, this U.S. digital imaging manufacturer supports a parent company that enjoys a strong reputation across industrial, government, and consumer markets. Originally focused on digital imaging, the company’s U.S. division now contributes to a broad portfolio of patents spanning medical devices, injection molding, and beyond.

  • INDUSTRY:

    Electronics Manufacturing

  • COMPANY SIZE:

    Large

  • LOCATION:

    New York, U.S.

PRODUCTS
  • HCL® Digital Experience
  • IBM® WebSphere Application Server 9.0
  • HCL® AppScan

With Origina’s expert collaboration and guidance, the customer closed out all 186 vulnerabilities — including 15 with remote execution risk — elevating their threat defense capabilities and building confidence for future remediation efforts. 

THE PROBLEM

HCL® AppScan Flags 186 Violations — Including Critical Remote Execution Risks 

Automated cybersecurity tools such as vulnerability scanners are common in enterprise IT, but resolving flagged issues is rarely straightforward. These tools often struggle with highly customized software estates, resulting in inaccurate, misleading, or technically correct yet contextually confusing findings — leaving teams uncertain how to proceed.

That’s exactly what happened when the U.S. division of a global imaging conglomerate ran a routine scan using HCL AppScan. The results were anything but routine: 186 violations, including 15 high-priority vulnerabilities that posed remote execution risks. One of the most urgent was tied to the well-known Log4Shell vulnerability in the open-source logging library Log4j.

Internal teams, alongside external cybersecurity partners, spent the next 60 days investigating. They cataloged violations, attempted fixes, re-scanned systems, and continued receiving the same alerts — with little to show for their efforts. Frustrated by the lack of progress and unable to get the clarity they needed from AppScan’s surface-level reports, the company turned to Origina for help resolving the issues without disrupting its highly customized digital infrastructure.

THE SOLUTION

186 to Zero: How Origina’s Experts Resolved a Cybersecurity Roadblock

Origina’s initial analysis confirmed the core challenge behind stalled remediation efforts: AppScan’s baseline reports lacked sufficient detail to prioritize and resolve issues effectively.

Key observations included:

  • AppScan’s internal network access meant it detected some issues within the internal environment, accounting for seemingly redundant or lower-priority findings.
  • Cache parameters within IBM WebSphere Portal and HCL Digital Experience could be safely adjusted to resolve several violations.
  • The manufacturer’s extensive custom code — common in enterprise software estates but often a source of misleading scanner alerts — required manual inspection to clarify violations and guide remediation.

During their review, Origina’s Global Independent Experts (GIEs) brought critical context beyond the baseline scan. The detailed manual inspection of custom code uncovered vital information that allowed the team to directly resolve many violations or provide precise recommendations to the manufacturer’s internal personnel, depending on access levels.

Among the 15 vulnerabilities with remote execution potential, the team prioritized the critical Log4Shell vulnerability (CVE-2021-44228) in the widely used open-source logging library Log4j. Origina advised the customer to begin by locating and removing outdated versions of Log4j — a vital first step in mitigating this high-risk flaw.

Security scanning is widely accepted as a best practice, but companies must be cautious not to let checklist compliance drive their entire cybersecurity approach. By partnering with Origina’s experts to resolve vulnerabilities at an architectural level, the digital imaging manufacturer not only eliminated all 186 issues but also gained essential contextual knowledge to empower internal teams in managing future cybersecurity incidents confidently, regardless of the detection method.

The partnership with Origina continues to provide ongoing maintenance and strategic support, helping the manufacturer stay ahead of evolving cybersecurity threats.

THE RESULT

By engaging Origina’s expert software maintenance and support services, the digital imaging manufacturer was able to address complex vulnerabilities effectively, boost their defense strategy against threats, and empower internal teams with ongoing guidance. As a result, they:

  • Resolved 186 scan violations that had stalled internal efforts for months
  • Developed a deeper understanding of their software security posture
  • Implemented expert advice to proactively defend against future vulnerabilities
  • The partnership with Origina continues to provide ongoing maintenance and strategic support, helping the manufacturer stay ahead of evolving cybersecurity threats.

 

Clean scans. Fewer headaches. Stronger security.

Work with Origina to keep your existing software environment secure – without disruption.

Get in Touch Today
Contact Origina- Experts