ShiftLeft released a new version of NextGen Static Analysis (NG SAST), including new workflows, purpose-built for developers that significantly improve security, while enhancing productivity.
Cavirin Systems announced the general availability of Pulsar, its next generation security platform, which builds on Cavirin’s successful ARAP (Automated Risk Analysis Platform) for an 80 percent decrease in the chance of breach and a 90 percent decrease in the cost of remediation. The Pulsar trial is available now.
Based on an agentless, API-driven and scalable architecture, Pulsar offers the transparency required for enterprises to de-risk their cloud migrations by simplifying security configuration management and continuously checking their posture against known security baselines via a customized dashboard and workflow.
“Securing global cloud solutions is an area where there is still a lot of work to be done and I am pleased to see Cavirin’s efforts with Pulsar,” said Randy Barr, Cavirin technical advisory board. “Real-time security monitoring and continuous risk assessment align with the speed of configuration changes that occur in a virtualized or container deployment. Pulsar minimizes the attack surface and clearly identifies policy drift.”
Cavirin offers an extensive regulatory and benchmark coverage supporting more than 150,000 rules across 85 regulatory and security guidelines.
Key capabilities include:
- Cloud-agnostic architecture natively supports AWS, Google Cloud Platform, Microsoft Azure and Docker containers.
- Extensive security mapping via dynamically created policy packs, across multiple regulatory standards such as PCI DSS 3.2, HIPAA, ISO27002, SOC 2, NIST CSF, CJIS, UK Cyber Essentials, CIS CSC top 20, FFIEC, NERC, GLBA, etc. to ensure complete coverage.
- Container security, such as Docker, can be scanned against industry standards such as HIPAA, PCI, SOC 2, NIST, and many others. The risk and security of a host, Docker engine, and container can be checked against the Docker Benchmark by Center for Internet Security (CIS).
- A risk-signaling engine combined with a rich RESTful API implementation positions the platform as a central point for vulnerability management, access management, threat intelligence, DevOps automation and remediation. Current third-party integrations include Chef, PagerDuty and CyberArk, with more to come.