Apiiro, the leading application security posture management (ASPM) platform, is unveiling a new, AI-driven capability that detects risks during the design phase of the application development lifecycle. By enabling application security (AppSec) professionals to detect and mitigate risks before a line of code is written, Apiiro forwards proactive security management that saves time, costs, and resources while accelerating software delivery.
Apiiro’s Risk Detection at Design Phase feature was developed due to a lack of security solutions on the market being able to detect risks prior to the development process, according to the vendor. Propelled by this gap in technology, Risk Detection at Design Phase offers architecture design and security controls to help AppSec deliver risk mitigation.
Powered by AI technology, Apiiro’s latest feature is based on the company’s native, private large language model (LLM), ensuring that company data will not be shared with any public AI service. Risk Detection at Design Phase empowers scalable, secure, proactive AppSec that automatically analyzes feature requests and identifies potential risks that may manifest in the future codebase.
“Detecting potential risk at the design phase gives us the opportunity to remediate risks before they exist, and in the most efficient way for our developers. However, it’s challenging to do this at scale and to ensure full coverage of features our development team are building,” said the head of security engineering at a fortune 100 retail company. “Apiiro’s design phase risk detection engine is a unique capability in the ASPM space. It allows us to modernize our approach to Secure-by-Design, scale and strengthen our security engagement, and provide some automation to our threat modeling and security requirements processes.”
By automatically analyzing a variety of app components—including sensitive data handling, user permissions and access management, generative AI (GenAI) technology, and third-party integrations and open source dependencies—Apiiro’s Risk Detection at Design Phase capability eliminates the need for manual security processes, according to the company. Operating on Apiiro’s Deep Code Analysis (DCA) technology, Risk Detection at Design Phase automatically generates context-based questions for security review, as well as providing threat stories using the STRIDE model.
“Amidst the ever-changing complexity of modern software development processes and application architectures, Apiiro is committed to delivering complete risk-based visibility and protection from design to runtime,” said Moti Gindi, chief product officer at Apiiro. “Building secure software starts with secure design, and the new AI-Driven Risk Detection at Design Phase from Apiiro takes the ‘shift left’ approach a step further, addressing risks even before a single line of code is written. This first-of-its-kind functionality leverages the power of AI to ensure customers have the context required to facilitate efficient security reviews and evolve from a reactive to a proactive approach to application security.”
To learn more about Apiiro’s Risk Detection at Design Phase capability, please visit https://apiiro.com/.