AUSTIN, TX – Feb. 28, 2022 – With headline-grabbing vulnerabilities such as Log4Shell drawing attention to the risks posed by open-source components, organizations increasingly need application security programs that address this threat. Today, Invicti Security™ introduced its software composition analysis offering, purpose-built to assist companies in tracking, scanning, and securing the open-source components within their applications.
With every company now a software company, developers are under more pressure than ever to rapidly release innovative features and functionality that help them maintain speed to market. Because of this, usage of open-source components has soared over the past half-decade. According to ESG, 80% of organizations report that more than a quarter of their codebases are dependent on open source.
However, according to the same research from ESG, less than half of organizations (48%) have specific security controls to scan for open-source vulnerabilities. Because open-source software has a distributed development model, it can inadvertently introduce significant vulnerabilities that in-house teams may miss.
Invicti SCA was developed to help teams mitigate open-source risks without impeding their pace of innovation. It does so by:
- Detecting all open-source components and where they’re in use across your entire application portfolio
- Providing remediation guidance when a vulnerability is identified and identifying the most up-to-date version of the software to prevent vulnerabilities from being introduced into production
- Combining DAST + IAST and SCA so that test coverage is maximized in a single scan, enabling comprehensive analysis of the application’s security risk posture in a single pane of glass.
Invicti is the only company that offers DAST, IAST and SCA testing in a single scan and provides consolidated results. With a shortage of security skills and the need to rapidly release new functionality, customers can integrate the Invicti platform into their CI/CD pipeline, ticketing systems, and other development tools once and get a comprehensive view of their application security risk before it goes into production.
“Open-source components have changed the game for software development and power many of the consumer and enterprise applications we rely on today,” said Invicti Chief Product Officer Sonali Shah. “Because of their growing ubiquity, they’ve also become increasingly attractive targets for threat actors. We’ve launched SCA to the Invicti platform to help modern DevSecOps teams secure open-source software at the speed of innovation.”
Invicti SCA is now generally available for PHP, Node.js, Java, and .NET applications. For more information, please visit www.invicti.com.
About Invicti Security
Invicti Security is transforming the way web applications are secured. An AppSec leader for more than 15 years, Invicti enables organizations in every industry to continuously scan and secure all of their web applications and APIs at the speed of innovation. Invicti provides a comprehensive view of an organization’s entire web application portfolio, and powerful automation and integrations enable customers to achieve broad coverage of even thousands of applications. Invicti is headquartered in Austin, Texas, and serves more than 3,500 organizations of all sizes all over the world. For more information, visit our website or follow us on LinkedIn.