Saltworks, an application security (AppSec) company, is forming a partnership with attack surface management (ASM) provider Bit Discovery, enabling the company to integrate advanced ASM capabilities into SaltMiner. Saltworks customers can now benefit from fast and efficient ASM features that capture, inventory, and monitor external digital assets that can be easily viewed and managed in the SaltMiner dashboard.
Attack surface management is crucial to an effective AppSec program. It empowers IT with an understanding of what Internet-accessible technology/data points (domains/subdomains, IP address, servers, web pages, etc.) must be secured early in the SDLC, according to the vendors.
“Companies can’t expect AppSec teams to effectively secure applications if they don’t even know what needs to be secured,” said Dennis Hurst, founder and president of Saltworks. “Bit Discovery ASM furthers SaltMiner’s ability to protect external digital assets in tandem with the application inventory management functionality SaltMiner already has to secure enterprise architecture surfaces and dependencies.”
Applications are a business fundamental—they access, encode and receive data; run on servers and operating systems; and touch everything. Attack surface management identifies what’s on a network, who put it there, what it’s doing, and what it interacts with. Layer-in the riskiest applications (those custom built) and the ability to know what actually exists becomes an overwhelming task, even before thinking about security as part of the strategy.
Application security teams that struggle with attack surface management and the extensive detail required to properly secure applications are, typically, slower to accept the shift-left mindset.
ASM can also seem daunting to those who did not originate from the development organization, but rather the networking, server or auditing units. However, the proliferation of cloud technologies and the sheer volume of applications needed to securely run a business means a shift-left is no longer optional.
In addition to Bit Discovery, other successful Saltworks partnerships that continue to provide tangible DevSecOps value to companies worldwide include: Orasi, Micro Focus, Sonatype, Secure Code Warrior, Cobalt, and Imperva.
For more information about this news, visit www.saltworks.io or https://bitdiscovery.com.