According to the vendor Veracode, the Continuous Software Security Platform combines the needs of security and development teams.
Veracode’s new Continuous Software Security Platform seamlessly integrates application security into the software development lifecycle (SDLC). The platform streamlines workflows by bringing the development and security teams together. As a result, it provides a comprehensive view of risks, mitigations, and current progress at every stage of the development process.
According to a study by Veracode, the average scanning frequency has increased 20-fold over the past decade, with most applications now being scanned three times a week. Ten years ago, by contrast, they were scanned three times a year. In addition, the study shows a 31 percent increase in companies using multiple scan types.
The Veracode Continuous Software Security Platform offers the following features, among others:
- Single-pane-of-glass reporting: Security teams can now access unified reports for static analysis, dynamic analysis, software composition analysis, and manual penetration testing right in the portal. Admins and developers gain visibility into security risks and apply flexible policy controls with more meaningful license management reports to quickly resolve issues.
- Self-service peer benchmarking: With comprehensive data and anonymized insights from all platform users, customers now have direct access to reports from the portal, allowing them to easily compare the results of their DevSecOps programs with those of other companies in their industry. Based on historical data and long-term insights, clients can see how their program metrics compare and create plans to mitigate their risks.
- Software Bill of Materials (SBOM): Security teams can generate and export SBOMs on demand using a built-in REST API. This returns data for a specific application in CycloneDX SBOM format – a standard developed for use in application security contexts and for analysis of supply chain components. In addition, the data from the API can also be processed and converted outside of the Veracode platform.
- Smart fix: The Continuous Software Security Platform leverages technology acquired from Jaroona to identify and remediate software vulnerabilities using machine learning.
Source: com! professional by www.com-magazin.de.