How Medome uses Beagle Security for continuous penetration testing

About Discern Security

About Medome

Medome(previously SOAP) is a healthcare platform designed to help individuals take control of their health and wellness.

It delivers ongoing health insights by combining data from medical history, wearable devices and other health records. This approach helps improve early detection of diseases and reduces the chances of incorrect diagnosis.

Medome operates on a B2C model, allowing users and patients to access its services directly without needing a doctor.

Impact TL;DR

With Beagle Security, Medome made security easier to work with across teams.

• Developers got instant, practical feedback

Issues were caught early while building, not after release.

• Less noise, more clarity

Teams spent less time filtering alerts and more time fixing real problems.

• Improved visibility without extra effort

Stakeholders could understand the security posture without adding complexity.

• Shift left security

Vulnerabilities were detected and fixed earlier, thereby saving time and money.

The challenge

Medome followed strong security practices from the start including manual code reviews, pre-deployment testing and cloud native security protocols. But as the platform scaled, gaps started to show.

The team struggled with:

• Difficulty uncovering vulnerabilities systematically

Existing processes were solid but not built to catch the full depth or breadth of security issues.

• Security checks that didn’t keep pace with developments

Testing between sprints wasn’t sustainable and created gaps as development cycles sped up.

• Slow and infrequent external penetration testing

These tests were expensive and time consuming.

External penetration tests were slow, expensive, and infrequent, and vulnerability scanners generated noisy, hard-to-prioritize results that consumed more time than they saved.

Alberto Silas

Lead DevOps Engineer, Medome

• Noisy and hard to prioritize scan results

Existing tools generated too many alerts making it difficult to focus on what actually mattered.

• Compliance pressure without clear evidence

Meeting SOC 2 and HIPAA requirements needed consistent, audit ready proofs.

• Heavy reliance on manual security processes

Specific security testing depended on manual reviews making it difficult to scale and keep up with rapid development cycles.

Security-specific testing relied heavily on manual processes and general QA practices, making it difficult to consistently match the speed of development as the platform evolved.

Alberto Silas

Lead DevOps Engineer, Medome

• Inconsistent security coverage across releases

Manual reviews made it challenging to standardize security checks, leading to variations in coverage between releases.

• Lack of continuous security validation

Security testing was not consistently running alongside development. This led to delayed identification of vulnerabilities.

Solution: From manual testing to continuous penetration testing

To close the gaps in their existing process, Medome shifted from manual, periodic testing to automated, continuous security testing with Beagle Security.

With this shift, they were able to:

• Run automated penetration tests every month

Security testing became consistent and always on, instead of something done occasionally.

Beagle Security fits seamlessly into our development workflow. We schedule automated penetration tests every month, and actionable items from the reports are directly assigned to our development team.

Alberto Silas

Lead DevOps Engineer, Medome

• Turn test results directly into development tasks

Reports were clear and actionable, making it easy for developers to pick up and fix issues.

• Remove heavy reliance on manual effort

The team no longer had to depend on time consuming manual reviews and external penetration tests.

• Simplify compliance with continuous evidence

Up to date reports helped meet SOC 2 and HIPAA requirements without any last-minute stress.

• Get started quickly without friction

Onboarding was smooth and then the team was up and running almost immediately.

Smooth, fast, and well-supported. The interface made onboarding straightforward, and once the configuration was done, we were operational almost immediately.

Alberto Silas

Lead DevOps Engineer, Medome

With Beagle Security in place, Medome experienced a clear shift in how security was managed and perceived across the team.

• Security became continuous, not episodic

The team always has a clear view of their security posture, helping them make better day-to-day decisions.

• Compliance and audits became easier to handle

Continuous testing and up to date reports provide the required evidence without last minute efforts.

The combination of scheduled automated testing and always-available, up-to-date reports gives us the continuous evidence of security diligence that compliance frameworks demand, making audit preparation significantly less painful.

Alberto Silas

Lead DevOps Engineer, Medome

• Strong ROI without increasing costs

The team achieved deeper security testing and better coverage without high cost of traditional approaches.

• High quality testing without the overhead

Medome maintained depth in security without adding extra tools or investing in a legacy penetration testing system

Many pen testing solutions are either too expensive or too manual to scale with our compliance needs. Beagle Security struck the right balance: cutting-edge AI-driven testing at a competitive price, without sacrificing depth or coverage.

Alberto Silas

Lead DevOps Engineer, Medome

• Security felt effortless, not disruptive.

Continuous pentesting fit naturally into their workflow, removing friction from daily operations.

In a space where security often slows things down, Medome found a way to make it work quietly in the background with Beagle Security.