December 21 2020 | 2 min read
Vendors in the security industry continue to investigate the Solorigate supply chain attack and its implications for vendors (such as FireEye) and customers worldwide using the traditional kill chain approach (which brings a kind of nostalgia for when my team at Aorato – Tal Be’ery, Michael Dubinsky and I – built this chart).
Today, everyone knows that “Defenders think in lists. Attackers think in graphs. As long as this is true, attackers win” (John Lambert). So at Apiiro, we built a graph from the beginning of time across code changes, developer knowledge and behavior, business impact and more. We call it the Spacetime Graph™.
We use AI on top of the graph to enforce adaptive, risk-based governance rules on the code bases of vendors and internal development teams, and to identify risky material changes before they become vulnerabilities, from code to cloud.
“The discreet malicious codes inserted into the DLL called a backdoor composed of almost 4,000 lines of code that allowed the threat actor behind the attack to operate unfettered in compromised networks.”
Apiiro understands the history of all user stories, bugs, features, epics, and code changes, together with the knowledge, location, and behavior of all contributors (e.g., developers, product managers, QA, security architects) who are relevant throughout the development process, and connects them to business risks. This is how we identify risky material changes.
“Stop trying to remove all unknown vulnerabilities in custom code, which increases false positives. Instead, focus developers on those with the highest severity and confidence”
Source: Gartner, “12 Things to Get Right for Successful DevSecOps,” Neil MacDonald and Dale Gardner, 19 December 2019.
We are here to share our knowledge with customers on how to implement these top 5 tips. Ping me with any questions!