Anzeige
Mehr »
Login
Montag, 25.11.2024 Börsentäglich über 12.000 News von 677 internationalen Medien
500% Potenzial: Warum Analysten von diesem Uran-Explorer begeistert sind!
Anzeige

Indizes

Kurs

%
News
24 h / 7 T
Aufrufe
7 Tage

Aktien

Kurs

%
News
24 h / 7 T
Aufrufe
7 Tage

Xetra-Orderbuch

Fonds

Kurs

%

Devisen

Kurs

%

Rohstoffe

Kurs

%

Themen

Kurs

%

Erweiterte Suche
PR Newswire
273 Leser
Artikel bewerten:
(1)

Noname Security Launches Active Testing; Empowers Organizations to Shift Left with API Security Testing

Finanznachrichten News

Active Testing allows businesses to prevent attacks and reduce vulnerabilities with every release

SAN JOSE, Calif., May 4, 2022 /PRNewswire/ -- Noname Security, the leading API security company, today announced the launch of its Active Testing solution within the Noname API Security Platform. Active Testing is purpose-built to address specific application programming interface (API) challenges and enable organizations to adopt a 'shift left' approach to API security testing.

Active Testing allows businesses to stop vulnerabilities before they reach production and innovate faster without compromising security. With Active Testing, organizations can continuously refine and strengthen their API security posture and reduce the risk of damaging breaches.

APIs are critical to business transformation and lie at the heart of corporate strategies for growth and innovation. However, they also represent a considerable security risk. Traditional controls like API gateways and web application firewalls (WAFs) leave APIs vulnerable to targeted attacks or malicious abuse, making them a top attack vector for web applications. Attacks that cause data breaches or compromise performance can lead to regulatory fines, reputational damage, and lost revenue.

As a result, API security should be a priority for every organization, but until now the tools available have failed to address vulnerabilities pre-production.

Noname Security's Active Testing solution shrinks the API attack surface by ensuring vulnerabilities are detected before they reach production. It alerts developers instantly to business logic vulnerabilities, like the OWASP API Top 10, and its tests and simulations are based on real business logic, not fuzzing. This ensures a high degree of accuracy and relevance and minimizes false positives. Developers can deliver secure code without having to become security experts, and use APIs with confidence.

Vulnerability remediation is accelerated, and security bottlenecks are removed, through the ability to integrate Active Testing with existing developer, IT, and security workflows and service management tools including ServiceNow, Jira, and Slack.

The cost of remediating vulnerabilities is dramatically reduced when they are detected and fixed earlier in the software development life cycle (SDLC), while addressing them before they reach production allows the business to reduce expenditure on penetration testing and other third-party testing services. Further, the solution's advanced testing automation capabilities mean it can be seamlessly integrated into existing CI/CD systems, improving API security posture without interrupting the pace of innovation.

Advanced customization powers tailored API security testing programs

Customization is essential to fast and effective API security testing. Active Testing lets organizations easily create test suites that align with specific business objectives, with role-based access controls to ensure only authorized personnel can access APIs for testing. Active Testing also enables APIs to be grouped by business line, applications, teams, or any other parameter, allowing developers to align their development process with business needs. Similarly, Active Testing can be run in any environment, from testing and lab environments to staging.

Active Testing delivers unmatched coverage, with the ability to automatically run more than 100 dynamic tests that simulate malicious traffic. Test behavior can be adjusted, and severity tailored, to accurately replicate the organization's live environment and real-world threats. Developers can also compare Swagger files to understand conformity to the original specification and how the API has evolved.

The solution is quick to implement, delivering rapid time-to-value. This is a critical advantage compared to the typical time it can take to implement, test, and deploy runtime protections and remediation integrations for the production environment. These may take months to configure effectively, while a successful vulnerability exploit takes only seconds. Removing vulnerabilities before they reach production eliminates this risk and is a powerful tool to transform the integrity of an organization's code base.

"Businesses need to be able to realize the power of APIs without compromising on development speed or security," said Shay Levi, Co-Founder and CTO at Noname Security. "Our Active Testing solution enables dynamic API security testing within existing development pipelines, detecting issues early in the software development life cycle where they are easier and far less costly to fix. It is highly customizable and automated, testing with the rigor and intensity the business requires without burdening developers with additional steps or requiring them to become security experts."

"Unlike traditional tools, our solution understands business logic, allowing the development of purpose-built tests that deliver highly accurate and relevant results. Active Testing is revolutionary for organizations aiming to shift left with API security testing and prevent damaging breaches."

Noname's Active Testing solution is available as SaaS or on-premise, providing ultimate flexibility according to the preferences of each customer.

About Noname Security

Noname Security is the only company taking a complete, proactive approach to API Security. Noname works with 20% of the Fortune 500 and covers the entire API security scope across three pillars - Posture Management, Runtime Security, and API Security Testing. Noname Security is privately held, remote-first with headquarters in California, and offices in Tel Aviv and Amsterdam.

Media Contacts

EMEA

Jim Pople
C8 Consulting for Noname Security (EMEA)
jim@c8consulting.co.uk
+44 (0)7955 030191

© 2022 PR Newswire
5 heiße Wetten für den Jahresendspurt!
Nach dem unerwartet schnellen Ende der US-Wahlen mit dem Sieg des republikanischen Kandidaten Donald Trump fackelten die Aktien- und Krypto- Märkte ein wahres Kursfeuerwerk ab und bliesen zur Jahresendrallye.

Im aktuellen kostenlosen Report beleuchten wir 5 aussichtsreiche Unternehmen, die das Fundament besitzen, in den nächsten Monaten den breiten Markt zu schlagen.

Seien Sie dabei!

Fordern Sie jetzt unseren brandneuen neuen Spezialreport an und erfahren Sie, welche Aktien aufgrund ihrer Bewertung sowie charttechnischen Situation das Potenzial zu einer Outperformance besitzen.

Handeln Sie jetzt und sichern Sie sich Ihren kostenfreien Report!
Werbehinweise: Die Billigung des Basisprospekts durch die BaFin ist nicht als ihre Befürwortung der angebotenen Wertpapiere zu verstehen. Wir empfehlen Interessenten und potenziellen Anlegern den Basisprospekt und die Endgültigen Bedingungen zu lesen, bevor sie eine Anlageentscheidung treffen, um sich möglichst umfassend zu informieren, insbesondere über die potenziellen Risiken und Chancen des Wertpapiers. Sie sind im Begriff, ein Produkt zu erwerben, das nicht einfach ist und schwer zu verstehen sein kann.