RSS
Логотип
Баннер в шапке 1
Баннер в шапке 2

APSAFE Cloud Platform for Continuous Application Security Analysis

Product
Developers: Ural Center for Safety Systems (UCSS)
Date of the premiere of the system: 2024/10/07
Technology: SaaS - Software as a Service,  Application Development Tools

The main articles are:

2024: Apsafe Platform Introduction

The center cyber security CSSB launched the cloudy platform for continuous security analysis of Apsafe applications. The company announced this on October 7, 2024.

The Apsafe platform is an ecosystem of tools and processes that provide an almost complete cycle of secure development (DevSecOps). The service from the UTSB team will allow companies to include security in the development process without unnecessary costs and in a short time, as well as solve current business problems related to regulatory requirements and cybersecurity risks.

The Apsafe platform provides tools for analyzing the security of developed products (SAST, SCA, DAST, IAC-S, ASOC) with manual verification of results by an application security specialist. Connecting to the platform takes about 10 days (alternative implementation of in-house tools will take up to a year), identifying vulnerabilities using Apsafe takes no more than 5 days from the moment the platform tools check the code, while its use does not require changes in the development infrastructure.

File:Aquote1.png
The UTSB Cybersecurity Center has accumulated significant experience in implementing projects to analyze the security of applications for different business sectors and the public sector. We realized that the market lacks such a solution as Apsafe - a tool for implementing the necessary secure development processes for teams where there are no own resources for this, there is no experience in implementing DevSecOps, when there are difficulties with assessing the current level of application security and there is an acute task to fulfill the requirements of regulatory bodies and industry standards.
said Evgeny Todyshev, head of the Secure development Department of the UTSB, CPO of the product.
File:Aquote2.png

In addition, the Apsafe ecosystem will be relevant for companies supplying software to critical information infrastructure (CII) facilities. In particular, the platform helps to comply with the requirements of the Order of the FSTEC of Russia No. 239, GOST R 56939-2016, PCI DSS and others. Not only does the solution enable rapid implementation of secure development fundamentals, automates many security processes, but it also reduces the time it takes to fix errors and bring a product to market (Time to Market).

When using Apsafe, software developers are not alone with the vulnerabilities found. CSS specialists help development teams transfer information about them to other protection elements and will prepare comprehensive reports on the results of inspections by platform tools.