ISV Product Development


How Clayton helps Aptumo nail their AppExchange Security Reviews and hit their time-to-market goals.
Lines of code scanned per month
Pull requests automatically scanned per month
Vulnerabilities prevented per month
Development capacity increase
1000 h
Post-release reworks avoided per month

Company Overview

Echo Managed Services is a specialist outsourced provider of complex multi-channel customer contact services, comprehensive debt recovery solutions and the developer of the market-leading water customer care and billing system, RapidXtra and Aptumo, a pioneering SaaS utility billing solution, native to Salesforce. Echo combines best practice technology and processes with highly skilled and knowledgeable people to provide public and private sector organisations with end-to-end customer contact capabilities.
Location Walsall, West Midlands, United Kingdom
Number of employees 500+
Industry Business Process Outsourcing
Go live date
October 2019


Echo envisioned an easy-to-use, cloud-native solution, designed to transform how utility companies manage billing in the era of connected customers.

That’s how Aptumo was born: an innovative SaaS customer billing solution, built by Echo on Salesforce, to enable utility companies to make billing easy, and to reduce billing and CRM data synchronisation headaches across customer service operations.

Problem & Challenges

Echo’s team is large and globally distributed, and it was crucial that the same security and technical standards were observed consistently throughout product development.

Successfully passing the AppExchange Security Review was vital to avoid delays to the Echo’s planned time-to-market, and this was adding additional pressure to the product development team.

In the meantime, customers from multiple geographies were buying into Echo’s vision and new regulatory requirements continued to emerge that needed to be built into the product quickly: in simple words, development could not be stopped.

Echo needed a way to deliver innovation quickly while ensuring top-class security standards were always met, enabling them to clear the AppExchange Security Review in line with their planned timeline.


Clayton’s software helped Echo pass the AppExchange Security Review and to meet their time-to-market goals, thanks to a combination of continuous automated reviews, and one-off manual inspections.
The Clayton solution has been able to support us at a time when our own resources were stretched due to fast growth and the interest levels in our new product, Aptumo. Their experience navigating the AppExchange Security Review Process has been extremely valuable to our team.
Andrew Edge
Salesforce Technical Lead
Echo’s team runs its Salesforce development on GitHub, using Clayton’s solution to ensure all new developments are compliant with all AppExchange Security Requirements.

Echo’s team use a feature-branch git workflow. Every feature is developed on its own branch, and a pull request is created as soon as development is complete.

As soon as this happens, Clayton performs a complete security check, outlining any potential issues and recommending fixes to the Echo developers.
Once all checks pass, a peer-to-peer review takes place and the feature is eventually merged, triggering the CI pipeline and automatic deployment to a testing environment.

Key Features

GitHub integration
Automated code reviews
Premier support
Manual security inspection

AppExchange Premier Support

In addition this, Clayton provides periodic assessments and dedicated support by security experts, to help prepare all Security Review submissions.
Lines of code secured
Additional security problems found despite not being detected by the Scanner
False detections by the Scanner triaged by Clayton security experts


With a stronger cloud-first vision and more apps on the way, Echo has chosen Clayton as their on-going partner to support secure development across the Aptumo product.
Clayton is, in my opinion, the best source scanning tool for Salesforce development teams. It helped us to meet our planned time-to-market, and the support we received was exceptional.
Dave Evans
Head of Technical Services
Meet Clayton
Try Clayton now
Up and running in clicks. 14 days free trial. Cancel anytime.