Oxeye's Cloud Native Application Security Testing Platform to Highlight Vulnerabilities

Enterprise Security Magazine | Wednesday, January 05, 2022

Oxeye's Advanced CNAST Platform examines code-level flaws to provide contextualized risk assessments for cloud native applications.

Fremont, CA: Building, installing, and using software that hasn't been designed with security in mind can be dangerous, like crossing a tightrope without a net. Oxeye has unveiled its Cloud Native Application Security Testing Platform (CNAST), a technology innovation in cloud-native application security testing. The new platform analyses code vulnerabilities, open-source vulnerabilities, and secrets in order to highlight the most serious concerns in the software development lifecycle and provide clear instructions for quick and accurate remedies.

On the other hand, Cloud native application security testing requires a different strategy than traditional AST. One that adds context to the surrounding application components by enriching them. The Oxeye CNAST technique, unlike SAST, DAST, IAST, and SCA, focuses on contextual analysis to identify exploitable vulnerabilities and secrets. This covers risk analysis, detailed mapping of all app components and how they interact, lightweight fuzzing for active validation, and enrichment of the underlying container, cluster, and cloud setups.

"Pieces of code are located literally everywhere throughout cloud native applications," states Dean Agron, Co-Founder and CEO of Oxeye. "The Oxeye platform provides a single unified platform for modern application security testing, providing highly accurate vulnerability testing prior to production. With it, users gain access to the most prominent, automated security risk testing solution for all important stages of software development."

Oxeye CNAST is focused on the cloud native AST market, which is quickly growing as AppSec and DevSecOps experts strive to safeguard the more than 500 million cloud-native apps estimated to be deployed by 2023. To ensure that these applications are secure, developers will need to test them thoroughly and ensure that they remain secure throughout their deployment. Oxeye offers scalable, ever-changing settings and adjusts to changes automatically for an agile testing scope without requiring code changes or manual intervention.

Weekly Brief