Security Flaws and Closes Vulnerability Cases Faster with Automated API
Discovery and Security Inspection PALO ALTO, Calif. (BUSINESS WIRE) Data Theorem, Inc., a leading provider of
modern
, today announced that RingCentral has deployedits automated API discovery and security inspection solution seamlessly
into RingCentral’s DevOps and continuous integration/continuous delivery
(CI/CD) program to identify and address vulnerabilities in its modern
application environment. As a result, RingCentral has found and fixed
critical security flaws before releasing into production and closed more
vulnerabilities faster than previously possible.
RingCentral,
(NYSE: RNG) is a leading provider of global enterprise cloudcommunications and collaboration solutions empowering today’s mobile and
distributed workforce to communicate, collaborate, and connect from
anywhere, on any device. RingCentral unifies voice, video, team
messaging and collaboration, conferencing, online meetings, and
integrated contact center solutions. Its open platform integrates with
leading business apps and enables customers to easily customize business
workflows. RingCentral is headquartered in Belmont, Calif., andhas
offices around the world.
“ Data Theorem’s analyzer engine is unique in its ability to
deliver continuous, fully automated security for our mobile and API
environment, which is very important to us,” said Michael Machado, Chief
Security Officer for RingCentral. “We want to ensure that our customers
are communicating and collaborating in a secure ecosystem, and Data
Theorem’s testing of our mobile apps and APIs is an important part of
our software security testing program.”
Previously RingCentral used pen testing for gauging the security of its
mobile apps. As the company’s Unified Communications as a Service
(UCaaS) solutions evolved to heavily incorporate mobile applications,
RingCentral needed a better solution for its product security activities
that delivered scalable, flexible and continuous security testing of its
mobile apps. While traditional pen testing is a relevant part of mature
software security testing programs, its limitations include being slow
and inefficient, and often results in only periodic, point-in-time
testing.
“Data Theorem has proven very efficient and accurate in continuous
testing of each mobile app release,” said Machado. “It is an important
component of our secure software development program. In addition to
their security testing, which is industry leading, the Data Theorem team
is a great partner to work with. They are extremely focused on making
their customers successful and this goes beyond their product, which
is itself world class.”
With Data Theorem, the RingCentral team receives fully automated
security reviews of its apps in app stores. RingCentral’s developers and
security teams can log in at any time to check status, review flaws and
alerts, and receive coding-level recommendations for how to address
discovered issues. Apps are analyzed in pre-production, allowing
critical issues to be detected and addressed prior to release, as well
as tested in post-production. Data Theorem’s App Secure product performs
static and dynamic analysis on any iOS and Android application in search
of security vulnerabilities and privacy gaps.
“RingCentral is one of the world’s leading providers of enterprise cloud
communications and collaboration solutions, and we are pleased to work
with them to help identify issues related to privacy and
application-layer attacks,” said Doug Dooley, Data Theorem COO.
“Companies turn to Data Theorem to address threat models related to
modern mobile applications with continuous mobile application and API
security testing in production environments.”
Data Theorem’s API Discover and API Inspect together address security
concerns such as Shadow APIs, Serverless Applications, and API Gateway
cross-check validation by conducting continuous security assessments on
API authentication, encryption, source code, and logging. The API
security solutions support Amazon’s Lambda and API gateway tools to
discover modern APIs and to enumerate the specification using standards
such as Swagger and Open API 3.0.
About Data Theorem
Data
is a leading provider of modern application security. Itscore mission is to analyze and secure any modern application anytime,
anywhere. The Data Theorem Analyzer Engine continuously scans APIs and
mobile applications in search of security flaws and data privacy gaps.
Data Theorem products help organizations build safer applications that
maximize data security and brand protection. The company has detected
more than 300 million application eavesdropping incidents and currently
secures more than 4,000 modern applications for its enterprise customers
around the world. Data Theorem is headquartered in Palo Alto, Calif.;
with offices in New York; Paris, France; and Bangalore, India. For more
information visit www.datatheorem.com .
Data Theorem and TrustKit are trademarks of Data Theorem, Inc. All other
trademarks are the property of their respective owners.
Contacts
Dan Spalding
dan@datatheorem.com
(408)
960-9297
Do you think you can beat this Sweet post? If so, you may have what it takes to become a Sweetcode contributor...Learn More.