Data Theorem launches attack surface management product that identifies 3P assets & appsec violations
We are excited to bring Transform 2022 back in-person July 19 and virtually July 20 – 28. Join AI and data leaders for insightful talks and exciting networking opportunities. Register today!
Data Theorem has launched what it’s calling the industry’s first attack surface management (ASM) product. The product, Supply Chain Secure, is designed to address software supply chain security threats across the application full stack of APIs, cloud, mobile and web services, SDKs, and open-source software. Supply Chain Secure enables customers to quickly identify and prioritize security policy violations among their third-party vendors and suppliers.
The rise of digital transformation has made defining and defending an organization’s attack surface increasingly complicated. The attack surface is used by attackers to extract data from a system or cause damage to it. When loopholes in the attack surface aren’t known, attack is inevitable. As a result, ASM is built on the idea that organizations can’t safeguard what they don’t know about. This is why it’s critical for organizations to follow the ASM process of continuously discovering, inventorying, classifying and monitoring their IT infrastructure.
What is attack surface management?
ASM is not the same as asset discovery, which merely monitors the active and inactive assets on a network. It’s also not asset management, which identifies the IT assets that organizations hold and the possible security threats or holes that influence each one on a continuous basis. ASM handles everything related to asset discovery and asset management, as well as additional security duties. This is done from the perspective of an attacker. With ASM, organizations can now immediately shut down shadow IT assets, exposed databases, unknown apps and other potential entry points to mitigate any resulting vulnerabilities.
As a provider of modern application security, Data Theorem is able to identify third-party vulnerabilities throughout the application software stack. This is accomplished by continuous runtime analysis and dynamic inventory discovery, which go beyond typical source code static analysis methodologies and software bill of materials (SBOMs) processing.
No organization, big or small, is safe from attacks
The attack surface is a sprawling landscape. It constantly changes, especially as many assets today are distributed across the cloud. The rise of remote work, occasioned by the COVID-19 pandemic, has expanded the amount of external assets and targets that security teams must safeguard. Moreover, hackers are automating their surveillance tools to probe and evaluate external attack surfaces, which many security teams never fully manage to harden, as evidenced by the SolarWinds, Kaseya and Log4Shell intrusions.
These high-profile attacks have shown security coverage shortcomings in standard static analysis tools, which are frequently integrated into source-code repositories and software build systems. “72% of business professionals expect their third-party networks to increase somewhat or greatly in the next three years,” according to Gartner. Also, a Gartner analysis affirms that “by 2025, 45% of enterprises around the world will have faced attacks on their software supply chain, up threefold from 2021.”
Third-party code and open-source software pose dangers, both intentionally and unintentionally. Without continuous monitoring, organizations can’t be sure if the code is safe. They can be certain, however, of the wide-ranging consequences of security breaches in third-party APIs, cloud services, SDKs and open-source software. Hackers can use these to gain access to computers, launch malicious attacks and steal sensitive information.
Critical approach for critical issues
The majority of industry and competing services concentrate on vendor management and source-code analysis using SBOM documentation. Neither of these approaches meets the fundamental need for continual discovery of the application complete stack, which is introduced on a daily and weekly basis by embedded third-party software. This is because they don’t have access to source code for mobile, web, cloud and commercial-off-the-shelf (COTS) software, as well as third-party API services.
While neither approach can provide continuous runtime security monitoring, Data Theorem’s Supply Chain Secure product provides a full-stack ASM solution that provides continuous third-party application asset discovery and dynamic vendor tracking.
The new supply chain product from Data Theorem can automatically categorize assets under known vendors, allow customers to add new vendors, manage individual assets under any vendor, and alert on policy violations and high-embed rates of third-party suppliers into critical applications. Customers may use blackbox reverse engineering and hacker toolkits to automate offensive hacking techniques and make automated penetration testing of known third-party exploits like Log4Shell, Spring4Shell, API-based BOLA attacks, and many more easier. These automated capabilities make it easier and faster for vendor management teams to address supply chain security issues.
Palo Alto Networks, Synopsys, Checkmarx and Contrast Security have all announced new products in the emerging ASM space. However, Data Theorem claims it is distinct from them all as it is the only vendor providing dynamic and runtime analysis of the application full stack to discover third-party assets and their respective attack surfaces. Doug Dooley, COO, Data Theorem, said, “Our award-winning Analyzer Engine, which has been performing complete stack analysis for first-party application assets, is responsible for this unique feature.”
VentureBeat’s mission is to be a digital town square for technical decision-makers to gain knowledge about transformative enterprise technology and transact. Learn more about membership.
Static Application Security Testing (SAST)