Data Theorem Launches Attack Surface Management Product That Identifies 3P Assets and Appsec Violations



Data Theorem has launched what it calls the industry’s first Attack Surface Management (ASM) product. The product, Supply Chain Secure, is designed to address software supply chain security threats across the full application stack of APIs, cloud, mobile and web services, SDKs and open source software. Supply Chain Secure enables customers to quickly identify and prioritize security policy violations at their third-party vendors and suppliers.

The advent of digital transformation has made defining and defending an organization’s attack surface increasingly complicated. The attack surface is the set of points at which an attacker can try to enter a system to extract or damage its data. Exposures the organization does not know about cannot be defended, and those are exactly the ones attackers look for. ASM is therefore built on the notion that organizations cannot secure what they do not know, and it makes continuously discovering, inventorying, classifying and monitoring IT infrastructure a standing process rather than a one-off audit.

What is Attack Surface Management?

ASM is not the same as asset discovery, which only enumerates the active and inactive assets on a network. Nor is it asset management, which keeps an inventory of the IT assets an organization owns and tracks the security issues affecting each one. ASM covers both asset discovery and asset management and adds further security tasks on top, and it does all of this from an attacker’s perspective. With ASM, organizations can identify shadow IT assets, exposed databases, unknown apps and other potential entry points, and shut them down or remediate them before they are exploited.

As a provider of modern application security tooling, Data Theorem says it can identify third-party vulnerabilities across the application software stack. It does this through continuous runtime analysis and dynamic inventory, which go beyond the usual static source code analysis and processing of software bills of materials (SBOMs): what a build declares and what an application actually loads and talks to at runtime are not always the same thing.

No organization, large or small, is safe from attack

The attack surface is a vast landscape. It is constantly changing, especially now that many assets are distributed across cloud providers. The rise of remote working, triggered by the COVID-19 pandemic, has expanded the number of remote assets and targets that security teams must protect. In addition, attackers automate their reconnaissance tooling to probe and evaluate remote attack surfaces that many security teams can never fully harden, as the SolarWinds, Kaseya and Log4Shell intrusions showed.

These high-profile attacks exposed coverage gaps in standard static analysis tools, which are typically integrated into source code repositories and build systems and therefore only see code the organization itself compiles. “72% of business professionals expect their third-party network to grow slightly or significantly over the next three years,” Gartner said. A Gartner analysis also confirms that “by 2025, 45% of enterprises worldwide will have experienced attacks on their software supply chain, a threefold increase from 2021.”

Third-party code and open source software pose threats, whether introduced intentionally or unintentionally. Without continuous monitoring, organizations cannot be sure that the code they embed is secure. What they can be sure of is the far-reaching consequences of security breaches in third-party APIs, cloud services, SDKs and open source software: attackers can use them to gain access to systems, launch further attacks and steal sensitive information.

Critical Approach to Critical Issues

Most competing industry services focus on supplier management and on source code analysis driven by SBOM documentation. Neither approach meets the fundamental need for continuous discovery of the complete application stack, into which third-party embedded software is introduced daily and weekly. The reason is that they cannot access source code for mobile, web, cloud and commercial-off-the-shelf (COTS) software, nor for third-party API services, so anything not visible in the organization’s own source tree is outside their view.

While neither approach can provide continuous runtime security monitoring, Data Theorem’s Supply Chain Secure product provides a full-stack ASM solution that enables continuous discovery of third-party application assets and dynamic vendor tracking.

Data Theorem’s new supply chain product can automatically categorize assets under known suppliers, let customers add new suppliers, manage individual assets under each supplier, and warn of policy violations and of high embedding rates of a third-party supplier across critical applications. Customers can use black-box reverse engineering and hacker toolkits to automate offensive techniques and run automated penetration tests for known third-party vulnerabilities such as Log4Shell, Spring4Shell, API-based BOLA (broken object level authorization) attacks and many more. These automated capabilities make it easier and faster for supplier management teams to address supply chain security issues.
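The core idea behind the runtime-versus-SBOM gap described above, and the supplier attribution and embedding-rate warnings this paragraph lists, can be shown with a small reconciliation script. The following is an added example written for this page; it is not Data Theorem’s code and does not call its product. The SBOM fragment, runtime events, supplier catalogue and app names are all constructed for illustration, and the policy checks (undeclared components, version drift, stale declarations, unattributed hosts, cleartext HTTP) are assumptions about what a practitioner would want flagged.

```python
"""Reconcile a declared SBOM with runtime-observed third-party assets.

Added example, not Data Theorem's code. All inputs are constructed.
"""
import json
from collections import defaultdict
from urllib.parse import urlsplit

# Constructed CycloneDX-style SBOM fragment: what the build *declares*.
SBOM_JSON = json.dumps({
    "bomFormat": "CycloneDX",
    "components": [
        {"name": "log4j-core", "version": "2.17.1", "supplier": {"name": "Apache"}},
        {"name": "spring-core", "version": "5.3.18", "supplier": {"name": "VMware"}},
    ],
})

# Constructed runtime observations (loaded SDKs/libraries, outbound HTTP calls)
# as a dynamic inventory agent might report them for three apps.
RUNTIME_EVENTS = [
    {"app": "bank-ios", "kind": "sdk", "name": "AnalyticsSDK", "version": "3.2.0"},
    {"app": "bank-ios", "kind": "http", "url": "https://api.analytics-vendor.example/v1/events"},
    {"app": "bank-android", "kind": "sdk", "name": "AnalyticsSDK", "version": "3.1.0"},
    {"app": "bank-android", "kind": "http", "url": "http://cdn.unknown-host.example/config.json"},
    {"app": "bank-api", "kind": "lib", "name": "log4j-core", "version": "2.14.1"},
    {"app": "bank-api", "kind": "http", "url": "https://api.payments-vendor.example/charge"},
]

# Assumed supplier catalogue: which hosts and package names belong to which vendor.
SUPPLIERS = {
    "Analytics Vendor": {"domains": ["analytics-vendor.example"], "packages": ["AnalyticsSDK"]},
    "Payments Vendor": {"domains": ["payments-vendor.example"], "packages": []},
    "Apache": {"domains": [], "packages": ["log4j-core"]},
}


def load_declared(sbom_json):
    """Map component name -> declared version from a CycloneDX-style SBOM."""
    bom = json.loads(sbom_json)
    return {c["name"]: c["version"] for c in bom.get("components", [])}


def supplier_for(event, suppliers):
    """Attribute one runtime event to a supplier by URL host or package name; None if unknown."""
    if event["kind"] == "http":
        host = urlsplit(event["url"]).hostname or ""
        for name, cat in suppliers.items():
            if any(host == d or host.endswith("." + d) for d in cat["domains"]):
                return name
    else:
        for name, cat in suppliers.items():
            if event["name"] in cat["packages"]:
                return name
    return None


def reconcile(sbom_json, events, suppliers):
    """Compare declared components against observed assets and collect policy findings."""
    declared = load_declared(sbom_json)
    observed = set()
    findings = {
        "undeclared": set(),        # loaded at runtime but absent from the SBOM
        "version_drift": {},        # name -> (declared, observed)
        "stale": set(),             # declared but never observed running
        "unattributed": set(),      # host or package not mapped to any supplier
        "cleartext": set(),         # hosts contacted over plain http://
        "embedding": defaultdict(set),  # supplier -> apps that embed it
    }
    for ev in events:
        sup = supplier_for(ev, suppliers)
        if ev["kind"] == "http":
            parts = urlsplit(ev["url"])
            host = parts.hostname or ""
            if parts.scheme != "https":
                findings["cleartext"].add(host)
            if sup is None:
                findings["unattributed"].add(host)
        else:
            name = ev["name"]
            observed.add(name)
            if name not in declared:
                findings["undeclared"].add(name)
            elif declared[name] != ev["version"]:
                findings["version_drift"][name] = (declared[name], ev["version"])
            if sup is None:
                findings["unattributed"].add(name)
        if sup is not None:
            findings["embedding"][sup].add(ev["app"])
    findings["stale"] = set(declared) - observed
    return findings


def embedding_rate(findings, critical_apps):
    """Share of critical apps embedding each supplier (the 'embedding rate' to alert on)."""
    crit = set(critical_apps)
    return {s: len(apps & crit) / len(crit) for s, apps in findings["embedding"].items()}


if __name__ == "__main__":
    f = reconcile(SBOM_JSON, RUNTIME_EVENTS, SUPPLIERS)
    for key in ("undeclared", "version_drift", "stale", "unattributed", "cleartext"):
        print(f"{key}: {f[key]}")
    print("embedding rate:", embedding_rate(f, ["bank-ios", "bank-android", "bank-api"]))
```

Run with no arguments. On the constructed input it reports AnalyticsSDK as undeclared in both mobile apps, log4j-core running at 2.14.1 while the SBOM declares 2.17.1, spring-core declared but never seen, and a cleartext fetch from an unknown host that maps to no supplier. The supplier catalogue is the piece a real deployment has to maintain; everything the script cannot attribute lands in the unattributed bucket, which is where shadow third-party assets show up first.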

Palo Alto Networks, Synopsys, Checkmarx and Contrast Security have all announced new products in the emerging ASM space. However, Data Theorem claims that it stands out from them all as it is the only vendor to provide dynamic and runtime analysis of the entire application stack to discover third-party assets and their respective attack surfaces. Doug Dooley, COO, Data Theorem, said, “Our award-winning Analyzer Engine, which has performed full stack analysis for first-party application assets, is responsible for this unique feature.”

