New solution helps to visualize cloud-native app risks
With more and more organizations turning to the cloud and cloud-native application development, AppSec teams face a mounting challenge to keep pace with their development counterparts.
To address this, Backslash Security is launching a new solution to provide unified code and cloud-native security by correlating cloud context to code risk, backed by automated threat modeling, code risk prioritization, and simplified remediation across applications and teams.
Using Backslash, enterprise AppSec teams can see, prioritize and easily act upon high-risk code combinations, called 'toxic code flows', in their cloud-native applications.
Current application security tools often produce a lot of low-value alerts, leading to an overwhelming amount of noise with as many as half being false positives. Not only that, security teams spend time investigating each one and due to the volume, cost and time involved many alerts are simply ignored
"AppSec teams are stuck with a decades-old paradigm of noisy vulnerability scanners, while cloud security teams have been enjoying modern, visual ways to zero in on and secure cloud infrastructure risks and vulnerabilities," says Shahar Man, co-founder and CEO of Backslash. "Backslash is here to uplevel the cloud-native security game for AppSec professionals by capturing the full context of cloud-native application security risk -- because soon enough, most applications will run on cloud, and application security will be what matters most. The Backslash team is honored to have the support of renowned cybersecurity entrepreneurs and investors to help us achieve our vision."
Backslash has been designed to address the persistent, time-consuming and manual ways of discovering and mapping applications code risks, and the cloud-native context gaps left unaddressed by previous generation tools.
Using unified visual mapping of threat models and application posture, AppSec teams can quickly prioritize code risks based on the relevant cloud context, reducing false positives alerts and fatigue; and they can significantly cut mean time to recovery by providing developers with the evidence they need to take ownership of the process.
You can find out more on the Backslash site.
Image credit: everythingposs/depositphotos.com