
As enterprises modernize their software development practices (agile methods, cloud infrastructure, open source libraries, DevOps automation, microservice architectures, etc.), their efficiency gains in feature release velocity strain traditional security practices, which have remained largely manual.
The most prevalent vulnerability for .Net applications is information leakage, such as inadvertently pushing critical data to external logs, code repositories or databases. Unlike traditional external approaches to identifying data leakage, which rely on highly inaccurate pattern-matching, ShiftLeft maps data flows from inside the application. ShiftLeft identifies which objects and variables are critical and plots their path across sources, transforms and sinks, whether they be microservices, open source libraries, commercial SDKs or 3rd party APIs.
“With Europe’s GDPR, and states like California adopting similar privacy laws, data protection is no longer just finance and healthcare’s problem. The types and volume of data that must be treated as critical is skyrocketing for all industries,” said Chetan Conikee, ShiftLeft CTO and Co-Founder. “Now ShiftLeft enables .Net developers to automatically determine whether or not a new release is inadvertently leaking data, such as logging device tokens in Splunk or unencrypted credit card numbers in S3.”
As .Net Core and Azure have embraced open source, the adoption of open source libraries in .Net applications is growing rapidly. Despite their efficiencies, open source libraries introduce new security challenges. The most difficult of these are contextual vulnerabilities, which stem not from the library itself but from how it interacts with the rest of the application. However, ShiftLeft’s Code Property Graph understands what an application is and is not supposed to do. Hence, contextual vulnerabilities represent deviations that are easily identified.
“Until now, .Net security teams have been faced with a terrible choice: slow down the driver of innovation or release insecure code,” said Manish Gupta, ShiftLeft CEO and Co-Founder. “In less than 10 minutes, our Code Property Graph can identify how an application is vulnerable during the build process and then block exploit attempts when released to production. This means even the most advanced CI/CD environments can release as fast as they want to without ever worrying about security slowing them down.”
To see how ShiftLeft can improve security of your .Net applications, please request a free trial today!
ShiftLeft for .Net was originally published in ShiftLeft Blog on Medium, where people are continuing the conversation by highlighting and responding to this story.