Plan your dream trip with Cresta AI Agent at CCW Las Vegas – Learn more

  • Products
    Back
    PLATFORM
    AI Platform
    Cresta is the enterprise-grade Gen AI platform built for the contact center and trained on your data.
    • Cresta Opera
    • Integrations
    • Responsible AI
    PRODUCTS
    AI Agent
    Cut costs, not quality, with human-centric AI agents you can trust
    Agent Assist
    Harness real-time generative AI to empower agents with unmatched precision and impactful guidance.
    • Knowledge Assist
    • Auto-Summarization
    Conversation
    Intelligence
    Discover and reinforce the true drivers of contact center performance.
    • Cresta Insights
    • Cresta Coach
    • Cresta Quality Management
    • Cresta AI Analyst
  • Solutions
    Back
    USE CASES
    Sales
    Discover and reinforce behaviors that accelerate revenue growth
    Customer Care
    Deliver brand-defining CX at a lower cost per contact
    Retention
    Transform churn risks into
 lifelong promoters
    Collections
    Accelerate collections while minimizing compliance risk
    INDUSTRIES
    Airlines
    Automotive
    Finance
    Insurance
    Retail
    Telecommunications
    Travel & Hospitality

    Why Transcription Performance Is Holding Back Your AI Strategy

    LEARN MORE
  • Customers
    Back
    Customer Stories
    Learn how Cresta is delivering lasting value for our customers.
    • CarMax
    • Oportun
    • Brinks Home
    • Snap Finance
    • Vivint
    • Cox Communications
    • Holiday Inn
    • A Top Telecom
    • View all case studies

    Our Own Zero to One: Lessons Learned in Building The Brinks Home AI Agent

    LEARN MORE
  • Resources
    Back
    Resources Library
    • Webinars
    • Ebooks
    • Reports
    • Solution Briefs
    • Data Sheets
    • Videos
    • Infographics
    • Media Coverage
    • Press Releases
    Blog
    Industry News
    Help Center
    Solution Bundles

    AI Maturity Blueprint: A Practical Guide to Scaling AI Adoption in the Contact Center

    LEARN MORE
  • Company
    Back
    About Cresta
    Careers
    Trust
    Customers
    Partners

    We’re Going Global! Cresta Expands to APAC and EMEA

    READ THE POST
Request a demo
Request a demo
  • Cresta Blog
  • Company News

Cresta’s Commitment to Security with GitHub

The contact center is the front door of today’s businesses. Whether it’s buying a product, resolving an issue, or renewing services, customers are increasingly engaging a business’ contact center, especially in today’s hyper-connected era. But too often the experience is frustrating—waiting on hold, trying to navigate a menu of prompts, struggling to connect with a human, and then more waiting while the agent reviews your information and finds an answer. The fact is you can make or break a brand in a single conversation. Enter Cresta, which provides AI-driven real-time intelligence for contact centers creating better conversations and customer experience.

The Cresta platform provides dynamic, real-time coaching for support agents, learning and then amplifying the best practices of the top performers across a team. It’s able to identify customer sentiment—ensuring compliance, providing smart responses, and more. It also lets managers see and track every conversation and agent progress, driving a better customer experience for contact centers.

Cresta’s 65 developers comprise nearly 50 percent of the company’s staff and they are laser-focused on delivering a better solution to the customer as fast as possible. At the same time, they need to ensure their code is highly secure. There’s a natural tension between the need to iterate quickly and the need to evaluate code for bugs and vulnerabilities. Customer-oriented companies want to continually ship new features. However, Senior Security Manager Robert Kugler underscores the importance of code quality to customer experience. Minor errors risk frustrating customers, while major errors leave the business open to vulnerabilities that could result in data breaches and cyber attacks. “When you develop code, you want to think of the customer first,” Kugler says. “If you create insecure code, you’re not thinking of the customer first because you open your customers up to risk.”

Cresta: team

Cresta leverages GitHub Advanced Security in their software supply chain to ship secure code. By making security a part of the software development workflow, developers can fix issues in real-time, eliminating the need to remediate days or weeks later. Using GitHub Advanced Security allows Cresta to utilize tools such as CodeQL, Secret Scanning, and Dependabot to identify potential problems before they make it into production.

Using CodeQL, Cresta automates Code Scanning with GitHub Actions to look for potential vulnerabilities during a pull request. When a vulnerability is identified, GitHub generates a recommended fix that can be implemented via a pull request. Because these tools run automatically, they don’t add any friction to Cresta’s development process and there’s no fear that security scans will be overlooked.

Beyond making their end product safer for customers, GitHub Advanced Security has improved the relationship between developers and the security team. “I can’t remember a single other security tool where I’ve heard a developer say: ‘I like it, it helped me avoid this mistake,’” Kugler says. “Usually, security tools feel negative. They tell you what you’re not allowed to do, but don’t provide a solution. Blocking a feature creates a lot of annoyance for everybody. GitHub Advanced Security actually creates pull requests so that developers can fix issues fast, while the code is still fresh in their minds, and lets them move on to the next thing. It helps our developers learn and improve.”

Cresta: Desks

Instead of being a drag on productivity, Kugler says GitHub’s developer-centric approach turns security into a net-win for productivity.

“Security of the Cresta platform is a core part of our strategy and competitive advantage. Tools like GitHub Advanced Security help keep our team lean. It makes us much more efficient.”

To move from DevOps to DevSecOps, Cresta recognized the importance of standardizing on application security testing tools designed for GitHub’s platform. GitHub Advanced Security provides a native security function within all GitHub repositories that allows security to be easily integrated within an existing codebase as well as third-party tools. This means that instead of modifying many different tools to fit within the CI/CD pipeline, developers can use one multi-functional platform that integrates CI, automation, deployment, and security all in one place.

Reducing the number of tools required also reduces the time it takes new hires to become productive and lets developers focus on writing code rather than managing tools. “Standardization and simplicity are huge for onboarding engineers at a fast-growing organization,” Kugler says. “Using twenty different tools becomes exhausting and unmanageable.” Plus there’s less training involved because so many developers already know how to use GitHub.

Cresta: Desks

Setting up GitHub Advanced Security was a very straightforward process. “We were up and running within 24 hours,” he says. GitHub Advanced Security’s CodeQL queries helped Cresta start identifying bugs and other vulnerabilities right out of the gate. By customizing the queries to perform variant analysis, the team can identify a bug once and remediate all its occurrences across the codebase, providing low-friction but high-impact results. This allows GitHub Advanced Security to be more useful to their specific applications in Cresta’s repositories and further it eliminates reducing false positives in the code scanning process.

Cresta makes security scalable by automating code scanning using GitHub Actions. “GitHub Actions is a powerful tool that provides a lot of flexibility,” Kugler adds. “A DevOps team can do a lot more with GitHub Actions than with the average CI tool.” Cresta uses Actions to scan code during non-production hours and takes advantage of cron jobs to do automated security scans on their repositories. Further, Cresta’s CI pipeline is also scanned during each pull request. This has had a significant impact on security. “About eighty percent of developers are fixing code on the pull request,” he says. “You can’t get much more impactful than that.”

GitHub Advanced Security has had an impact on the culture of security at Cresta. Instead of being the sole responsibility of the security team, developers are feeling the pride of ownership as they take an active role in security. “GitHub Advanced Security empowers developers by giving them educational content about the vulnerabilities they see,” Kugler says. The continuous alerts make them better at writing secure code. It makes our developers better every single day, with every single pull request.”

April 8, 2022

100 South Murphy Ave Ste 300
Sunnyvale, California 94086

Karl-Liebknecht-Str. 29A
10178 Berlin, Germany

100 King Street West
1 First Canadian Place, Suite 6200
Toronto ON M5X 1E8

Info
  • AI Platform
  • Customers
  • Resources
  • Partners
  • Trust
  • About
  • Careers
  • Blog
  • Support
  • Contact Us
Follow us
  • LinkedIn
  • YouTube
  • Twitter

Newsletter

Subscribe for the latest news & updates

© 2025 Cresta

  • Terms of Service
  • Privacy Policy
  • Employee Privacy Notice
  • Privacy Settings