Apiiro announced its
Risk Graph Explorer
to empower application security and development teams to discover,
query, and understand their complex application inventory and attack
surface with unprecedented visibility - in a matter of seconds.
Modern applications are made up of
countless code modules, open source dependencies, APIs, data models, and
technologies that are developed across numerous languages, frameworks,
and contributors. All of these components are maintained, built, and
deployed across multiple repositories, SCMs, CI/CD pipelines, and cloud
environments, and are all constantly changing.
With this powerful new addition to
Apiiro's Cloud Application Security Platform, customers can easily
explore their application environment, the different application
components, their interconnections, associated risks, and changes over
time, and the process in which they were developed, built, and deployed -
without having to embark on manual and resource-intensive
investigations.
Now, Apiiro customers will be able to
understand the multidimensional relationships across the different
application layers, enriched with business context and overlaid with
insights to:
- Better understand their attack surface and changes made over time.
- Answer regulatory and compliance questions.
- Investigate risks' root causes, potential exposure, and business impact.
- Focus application security efforts and inform application security processes.
- Understand the competencies and behaviors of developers and the code they develop.
The Explorer is built on Apiiro's
patented Risk Graph, a multidimensional risk engine that is the
foundation of Apiiro's application inventory, security alert
correlation, and risk prioritization. The Apiiro Risk Graph provides a
query language and framework-agnostic abstraction layer on top of raw
code.
Visibility is one of the biggest
challenges facing application security and development teams, and the
first-of-its-kind Risk Graph Explorer enables limitless visibility into
applications that was not possible before. The combination of the Risk
Graph's powerful application and risk context with Explorer's
easy-to-use query interface allows customers to answer advanced
questions such as "where do I have APIs in Java in a production code
that are about to be deployed to a high business impact internet-facing
environment and also use an OSS package with a critical exploitable
vulnerability?"
"The Risk Graph Explorer represents
Apiiro's vision to solve legacy application security challenges by
empowering security practitioners with visibility into every element of
their cloud applications and software supply chains," said Moti Gindi,
chief product officer at Apiiro. "With the flexibility to immediately
query for any specific questions using the Apiiro platform, this
industry-first approach equips customers with the tools and knowledge
they need to not only identify and reduce critical risks, but build
smarter, more efficient application security programs overall."