I’m Roy Avrahamy, an Application Security Engineer at Kaltura. We have over 200 developers and only one me. I created a Kultura Aplication Security function from scratch, and Apiiro provides me with the visibility and context I need to build a mature and measurable AppSec program. So first, Apiiro helps me discover all of our assets across the organization. It gives me visibility to all of my products in the repositories and contributors. And, I’ve used Apiiro to understand and quantify our application risk and to help me prioritize the risks that can have an impact on my business.
Apiiro’s automation workflows help me to do more with my time instead of all the manual processes I used to perform. I use Apiiro’s governance rules to automate our processes with the context we need to make better and smarter decisions. One of our recent focuses has been on finding and removing secrets in code. So, every time Apiiro detects a secret, it not only automatically notifies me and the developers that committed the code, but it gives us essential context, such as whether the application is internet facing or stores sensitive information. I believe in Apiiro much more than for secrets in code. But, it’s a great example of how Apiiro is helping us build a mature and measurable Application Security and the risk for it.