NightVision Transforms Secure Software Development With Application Testing Solution
Application Security Testing Works at the Pace of Artificial Intelligence-Assisted Software Development
Identifies AND Locates Critical Vulnerabilities in Minutes Before They are Deployed
Successfully Shifts Left Where Dynamic Application Security Testing (DAST) and Static Application Security Testing (SAST) Have Failed for Decades
NightVision's modern gray-box security testing approach is an industry breakthrough designed to remediate software vulnerabilities long before production to reduce development costs, bolster security and resiliency, and ease the burdens on developer and security teams.
"For years, we have failed to provide software developers with testing tools to perform quickly and accurately. The shortcomings of the AppSec market have put us in the software insecurity predicament we find ourselves in today," said
The two leading legacy testing technologies – Dynamic Application Security Testing (DAST) and Static Application Security Testing (SAST) have frustrated users for various reasons. They generate an unmanageable number of false positives, require time-intensive custom coding to launch, and take hours to scan. Moreover, legacy DAST tools fail to test more than 70% of endpoints in application programming interfaces (API), often making their tests pointless.
"We won an award at our company's internal hackathon for demonstrating the ability for developer teams to execute a DAST scan on a web app in eight minutes from start to finish during build time, with tickets for findings opened automatically with Engineering," said
"When I heard a prominent tech company used NightVision to migrate from a manual two-plus hour application testing process to one that was automatically completed in eight minutes, I had to give it a try," said
The NightVision AppSec solution simulates attacks to see what is actually exploitable and traces findings back to code. Key product capabilities include:
API Identification – In real environments of fast-moving development teams, comprehensive API documentation is often absent. NightVision automatically generates detailed documentation of existing APIs to scan undocumented or under-documented APIs, making testing more accurate and comprehensive than previously possible.
Shadow API discovery: When analyzing code before simulating attacks, shadow APIs can be uncovered via source code analysis that was not meant to be introduced to production. NightVision can discover and test these Shadow APIs that are often ungoverned, perform higher privileged functions, and previously have not been tested for security issues.
Pinpoints Vulnerable Code -- NightVision identifies issues at the exact area(s) of code in the dev environment so developers don't have to spend time chasing down or validating vulnerability reports, saving money and precious engineering resources.
The Attacker POV -- Developers can locate vulnerabilities at the origin with the exact area of code highlighted to get a perspective on applications the way attackers would.
Comprehensive Scans -- Thoroughly scan apps on public and private networks for full coverage and run comprehensive scans within 3-10 minutes to share insightful results throughout the organization.
Seamless Integration – Integrate directly into the Continuous Integration/Continuous Delivery (CI/CD) pipeline to scan each pull request in minutes. Create a frictionless cycle between development and security teams through easy workflows.
Plug-and-Play Testing – Developers need little to no custom coding during scan set-up, and then comprehensive scans are completed within minutes through cloud-enabled simultaneous parallel scanning.
"To say that AI has exponentially increased the speed of software development and the spread of bad and vulnerable code is an understatement," said
The shortcomings of the application software testing market have handcuffed developers and cybersecurity teams. Developers want to be quickly and easily alerted of exploitable vulnerabilities, including precise details on the location and context of the issue.
"IDC research shows that organizations implementing DevSecOps empower developers to find and fix vulnerabilities, but to do so, they need application security testing solutions that can keep up with the speed of software development and do not impede innovation," said
About NightVision
NightVision enables software security testing earlier in the software lifecycle, identifies exploitable vulnerabilities, and ties it back to the line of code. Moving at the speed of innovation, NightVision ensures that security does not impact development timelines.
Contact:
View original content:https://www.prnewswire.com/news-releases/nightvision-transforms-secure-software-development-with-application-testing-solution-302157492.html
SOURCE NightVision
Serious News for Serious Traders! Try StreetInsider.com Premium Free!
You May Also Be Interested In
- Zoomlion Accelerates Application of Hybrid and Electric-Drive Technologies Across Equipment Lines
- Notta Highlights Privacy Mode for Notta Desktop, a Bot-Free Local Transcription Workflow for Sensitive Meetings
- KT&G announcement: "American investor Capital Research and Management acquires additional 1.04 million shares, increasing stake again to 8.2%"
Create E-mail Alert Related Categories
PRNewswire, Press ReleasesSign up for StreetInsider Free!
Receive full access to all new and archived articles, unlimited portfolio tracking, e-mail alerts, custom newswires and RSS feeds - and more!



Tweet
Share