Developers: | Trend Micro, Snyk |
Date of the premiere of the system: | 2021/05/25 |
Technology: | SaaS - Software as service, Application development tools |
Main article: SaaS - History. Philosophy. Drivers of development
2021: Presenting an Open Source Vulnerability Solution
On May 25, 2021, Trend Micro introduced a SaaS solution created with Snyk, a cloud security company. This is a service that can provide vulnerability analysis in open source to reduce the risk of developing applications and help specialists make the right decisions based on the data.
The service is already available for download in AWS Marketplace.
Open source components are increasingly used by developers, because they increase the speed of development, are universal and have a high level of quality and scalability. According to Snyk, 80% of the application code comes from open access sources.
According to Snyk, in recent years, there has been a 2.5-fold increase in the number of open source vulnerabilities. This means that security during software development becomes increasingly important. However, inconsistencies in the organization of business processes, mismatched tools and communication problems between SecOps and DevOps do not disappear anywhere on their own. And too often, this means that security professionals face difficulties and are unable to see all the risks associated with developing applications.
Snyk and Trend Micro aim to create the future of the cybersecurity industry, in which SecOps and DevOps specialists work effectively together to increase the overall level of security in their organizations, "said Geva Solomonovich, technical director of global partnership at Snyk. - The advent of Snyk security technologies created for developers in Trend Micro's Cloud One will allow more customers to deal with the risks of using open source. At the same time, its implementation as part of a single platform minimizes the need to work with several suppliers and tools. We look forward to working with Trend Micro to find solutions to key security issues for our customers. |
With one of these services, we can solve several problems at once and use technologies to fill internal gaps in communication, "said Kevin Simzer, COO at Trend Micro. - It can save more than 650 hours of development time for each application through automation capabilities, helps manage risks based on licensing requirements, and gives security professionals a chance to see part of the functional code of our platform that was previously unavailable to them. |
Trend Micro Cloud One - Open Source Security by Snyk also enables SecOps to identify vulnerabilities and licensing issues. This allows you to track risks, prioritize them correctly when they are detected, and report such risks in a timely manner during the project development process.
The main advantages of the service:
- assistance in security decision-making based on the data received;
- Continuous monitoring of threat levels
- effective prioritization of risks and recommendations for their elimination.
The automation capabilities built into the solution also help SecOps specialists quickly identify and obtain information about indirect dependencies in open source code, the existence of which in their applications may not be known by security services or developers. These capabilities save about eight hours per vulnerability.