Keep it simple to make it work
The CyCognito team is no stranger to quickly springing into action to address mission-critical security vulnerabilities; they help companies stay in control of their digital environments by proactively uncovering and eliminating critical security risks. But getting their customers to operate with the same sense of urgency could sometimes be a challenge—particularly without an easy way to communicate with users inside the CyCognito platform. With Pendo, CyCognito now creates engaging and effective in-app guides that lead customers to the exact vulnerabilities or areas of their products they need to address—without requiring additional support from engineering teams.
When a critical vulnerability in a widely-used software library was discovered in late 2021, the CyCognito team knew they needed to alert their customers to the problem as quickly as possible. “This was a particular function in a software library that everybody was using,” Daniel Avissar (Knowledge Manager and Technical Writer at CyCognito) explained. “We took it as an opportunity to use a Pendo in-app guide that immediately popped up as soon as customers would log into their platform.”
Avissar knew he needed to make this guide informative yet succinct—and give customers clear direction on the steps they needed to take to address the security risk. “We created a one-step guide that outlined what the vulnerability was and what CyCognito was doing to keep our customers informed about it,” said Avissar. “We provided links to resources that described the vulnerability in more detail that included a small news section and showed users how to contact us. And we also used a call-to-action (CTA) button that took our customers to the specific part of our platform that would allow them to investigate whether or not this critical vulnerability was indeed creating security issues for their organization.”
Reputation comes from repetition
This simple—yet effective—guide had an immediate positive impact for CyCognito and their customers. “[Our proactive approach with this guide] got us a lot of points with our current customers. And since then, we’ve done a couple of other one-step guides like this—because there’s not just one vulnerability in the world of cybersecurity,” Avissar explained.
The speed and ease with which Avissar and his team can stand up these guides was another big win for CyCognito. “Someone on the sales engineering team reported back that he was conducting a demo for a potential customer and was talking about this particular vulnerability. I had just published the Pendo guide, and it appeared as he was describing it to the prospect at that very minute,” said Avissar. The CyCognito team was also able to program the guide to appear twice a day, to reach the largest number of users possible until the threat was under control.
Avissar explained that, to date, this particular guide for this security incident has received the most click-throughs of any vulnerability alert his team has ever created. “Due to the severity of this vulnerability—and because we programmed the guide to appear twice a day—we had customers clicking on the CTA almost as frequently as the guide appeared. It’s been one of the most engaged-with guides that we’ve ever created,” he said. He also noted that this general in-app approach was well-received by CyCognito’s customer base. “We had a lot of positive feedback about what the company was doing in terms of proactiveness and responsiveness to the vulnerability. It was a sign that we had a good system in place.”
Following the success of this guide, the CyCognito team has put processes and templates in place to use Pendo for similar announcements on their platform about other vulnerabilities—a strategy which has continued to garner trust with their users and in the field. “It’s given us a great reputation among our customers,” said Avissar.