ATLANTA–(BUSINESS WIRE) Compliance at every stage of the software development lifecycle (SDLC).
Managing the attack surface is critical to an effective AppSec program. It enables IT to understand which technologies / data points (domains / subdomains, IP addresses, servers, websites, etc.) accessible via the Internet must be secured in the SDLC at an early stage. To strengthen the shift left mentality required for today’s DevSecOps initiatives, Saltworks customers now benefit from fast and efficient ASM capabilities that capture, inventory and monitor external digital assets that are easily viewed and managed in the SaltMiner dashboard can be.
“Organizations cannot expect AppSec teams to effectively secure applications without even knowing what to secure,” said Dennis Hurst, founder and president of Saltworks. “Bit Discovery ASM promotes SaltMiner’s ability to protect external digital assets along with the application inventory management functionality that SaltMiner already has to secure surfaces and dependencies on enterprise architectures.”
A new Saltworks customer estimated that they had 400 web applications. After Saltworks quickly created an attack surface map using Bit Discovery through SaltMiner, they found it was more than 800. Having this information at the start of Saltworks’ task in building a world class application security program for the customer was invaluable in terms of time. Risk and cost reduction.
Saltworks, Bit Discovery enable AppSec teams to know what needs to be backed up
Applications are a foundation of business – they access, encode, and receive data; run on servers and operating systems; and touch everything. Attack surface management identifies what is on a network, who placed it there, what it is doing and what it is interacting with. Layering the riskiest applications (the custom ones) and knowing what actually exists becomes an overwhelming task even before considering security as part of the strategy.
“Securing the business means knowing everything that needs to be protected, especially when it comes to the consistency of communication, compliance with the GDPR, the correctness of legal interests, the assessment of a merger / acquisition, the mitigation of security risks or the implementation of a Competitive analysis is possible, ”said Jeremiah Grossman, CEO of Bit Discovery. “The Saltworks partnership makes SaltMiner an even more indispensable AppSec solution for maintaining the security of company-wide applications, with the ability to identify and organize any corporate technology accessible via the Internet.”
Application security teams struggling with managing the attack surface and the large amount of detail required to properly secure applications are usually slower to accept the shift-links mentality. ASM can also act as a deterrent to those who do not come from the development organization, but from the network, server or auditing units. However, the proliferation of cloud technologies and the sheer volume of applications required to keep a business running securely mean that a shift to the left is no longer optional.
“In more than 25 years I have not seen a company that attacks surface management well, especially not large companies that have grown through acquisitions or have so many business areas that the number of applications that support global operations is almost unmanageable” continued Hurst. “The SaltMiner integrated into Bit Discovery provides unprecedented access to dig deep and understand the attack surface across the enterprise, where systems are widely distributed. It’s a dynamic landscape and starting the SDLC is the only way to ensure security integrity. ”
In addition to Bit Discovery, there are other successful Saltworks partnerships that continue to offer companies worldwide a noticeable DevSecOps value, including: Orasi, Micro Focus, Sonatype, Secure Code Warrior, Cobalt and Imperva.
To learn more from Dennis Hurst about AppInventory, ASM, and what they mean, watch The Security Guy TV (episode 1679). Visit www.saltworks.io for additional product and partner information.
About salt pans
Saltworks is an application security company that works with organizations to develop world-class AppSec programs from policy to production. Based on the premise that application security is mandatory, must be agile and cannot slow down the software lifecycle, Saltworks offers comprehensive, data-driven security test tools to protect every phase of application development.
About Bit Discovery
Bit Discovery makes managing attack surfaces with high fidelity quick and easy. The platform uses snapshots of the Internet to automatically organize huge amounts of information and combine them into a simple and elegant solution. The Bit Discovery solution automates the task of making a company’s Internet-connected assets transparent and provides real-time alerts when the inventory changes. The company is backed by investments from Aligned Partners, Mighty Capital and a group of individual investors in the information security space. https://bitdiscovery.com