Data Theorem announced the
launch of Code Secure, the latest evolution in application security
designed to protect the software supply chain from code to deployment. Code
Secure uniquely integrates Static Application Security Testing (SAST), Software
Composition Analysis (SCA), and Supply Chain Security capabilities-including
Software Bill of Materials (SBOM) management-into a comprehensive product
offering.
Code Secure Dashboard
This cutting-edge solution offers application security teams
dynamically verified insights into vulnerabilities, open-source dependencies,
and the overall software composition, encompassing both first and third-party
components. By automating the analysis of security issues across the entire
codebase, Code Secure minimizes the manual effort involved in sifting through
vast amounts of data. It empowers teams to prioritize the most critical
vulnerabilities, enabling faster remediation and strengthening security earlier
in the development lifecycle. This proactive approach significantly reduces the
risk of breaches, while ensuring continuous compliance with industry standards,
providing peace of mind as applications scale in complexity.
According to Gartner, "Application security tools
invariably produce reams of data about potential vulnerabilities. Traditional,
frequently manual, approaches to assessing and prioritizing these findings have
failed to scale to accommodate either the amount of data (which has grown
exponentially as new types of tests, generating ever more findings, are
implemented) or the speed associated with modern development processes. This
situation inevitably results in a number of adverse outcomes. Development,
platform engineering, cloud operations, security teams and others frequently
struggle to prioritize specific security issues that should be addressed more
holistically to provide optimal reduction in risk."
Code Secure's comprehensive Full Stack Security analysis
offers unique advantages by providing visibility across all layers of an
application's architecture-from code, APIs, and open-source libraries to cloud
environments and third-party components. By connecting these elements in a
single, cohesive view, Code Secure enables security teams to not only identify
vulnerabilities in isolation but to understand how they interrelate and impact
the overall security posture. This full-stack visibility allows teams to
address root causes more effectively, improving the accuracy of risk
assessments and enhancing their ability to defend against evolving attack
vectors. Ultimately, this helps organizations maintain a stronger, more
resilient security posture, even as applications evolve through development,
deployment, and scaling.
"Data Theorem is committed to leading the market in
application and API security innovation," said Doug Dooley, COO at
Data Theorem. "With Code Secure, we've built on the foundation of our
Supply Chain Secure product to offer an integrated approach that helps security
and DevOps teams confidently secure their software. By consolidating SAST, SCA,
and SBOM management with real-time verification and attack path visualization,
Code Secure delivers unparalleled protection for organizations. This new,
integrated code security offering delivers significant cost savings and
simplicity for customers seeking to eliminate complexity and alert fatigue
often associated with their legacy SAST and SCA scanning tools."
Key Differentiators of Code Secure Include:
- Tool
Consolidation: Code
Secure integrates SAST, SCA, Supply Chain, and SBOM management, reducing
the need for multiple, overlapping tools.
- Dynamic
Verification: DAST
(Dynamic Application Security Testing) verification of code findings for
APIs and applications ensures more accurate identification of
vulnerabilities.
- Attack Path
Visualization: Code-level
violations are incorporated into attack path visualizations, providing
security teams with a clearer understanding of potential exploit pathways.
Code Secure's launch follows Data Theorem's introduction of
its Attack Path Visualization capabilities, which were
highlighted at the Apidays Paris event in December 2023. Together, these
innovations exemplify Data Theorem's commitment to offering end-to-end security
solutions for modern, cloud-native applications.
Availability
and Pricing
Code Secure is available today with subscription based
pricing starting at $50 per seat per month.