End-to-End Protection from Development through Production

Virsec is the first security vendor to combine advanced CI/CD application testing with continuous monitoring during runtime, delivering unprecedented accuracy, time savings, and real-world attack prevention. Built on the world’s most advanced runtime application protection platform, Virsec has combined automated attack simulation, intelligent fuzzing, and context-sensitive instrumentation to deliver a new level of end-to-end security at all stages of the SDLC. With Virsec you can effectively shift left by embedding runtime protection directly into your CI/CD pipeline.

Conventional Application Testing Comes Up Short

As the complexity of applications increases, so does the size of your code base and number of vulnerabilities. In December 2019, over 22,000 new vulnerabilities in open source and COTS applications were reported into the US-CERT National Vulnerability Database (NVD). Traditional security models consisting of vulnerability scanning, penetration testing and patching just can’t keep up with this tsunami.

Traditional application security tools like SAST, DAST, and IAST:

  • Produce floods of false positives that must be chased down manually
  • Deliver vague recommendations that don’t pinpoint software flaws or prioritize vulnerabilities
  • Only work on fully assembled applications – not components early in the SDLC
  • Require deep analytical pen testing skills
  • Don’t scale, requiring huge amounts of intense manual labor

As a result, pre-production testing leaves much of the attackable surface of the application exposed when code goes live. This is further complicated by development environments (such as OS versions or runtime libraries) differing from production environments. In addition, applications can be deployed in a range of environments – such as data centers, VMs, containers, or public/private/hybrid clouds – each with differing security requirements.

Combining Attack Simulation with Runtime Application Protection

Virsec is the first solution to close the loop between development and production security. The solution modernizes and automates security testing while integrating it with advanced runtime application protection. The result delivers automation, scalability, unprecedented accuracy and continuous protection from real-world attacks.

The solution combines these key components:

Web Attack Simulator

Through our research and advanced detection tools, Virsec has compiled an extensive library of specialized payloads that map to CAPEC standards. These are combined with multiple obfuscation techniques, such as single, double and mixed encoding, to test applications against the widest range of simulated attacks.

Intelligent Fuzzing

Virsec automates testing, injecting thousands of combinations of URLs, parameters, obfuscation techniques, and OWASP threats, stress-testing every user-controlled input in the HTTP request. Specialized payloads are added into the HTTP request line, parameters, query strings, fragments, headers and key-value pairs. This delivers code coverage, diversity, and entropy testing far beyond the capabilities of manual penetration testing.
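The obfuscation and injection surfaces described in the two sections above (single, double and mixed encoding spread across path, query string, fragment and headers) are exactly what a defender must canonicalize before any payload check can match. The following is an added example, not Virsec code: it splits a request into those surfaces, strips percent and HTML-entity encoding layer by layer, and reports values that needed more than one pass (double encoding) or more than one decoder (mixed encoding). The sample request, the header names and the `MAX_PASSES` bound are constructed assumptions.

```python
import html
from urllib.parse import unquote, urlsplit

# Decoders applied in order on every pass. Assumption: these two cover the
# "single, double and mixed encoding" the text refers to.
DECODERS = (("percent", unquote), ("html-entity", html.unescape))
MAX_PASSES = 4  # assumption: bound the loop so a pathological value cannot spin


def canonicalize(value: str) -> tuple:
    """Peel encoding layers until the value is stable.
    Returns (canonical, passes, kinds): passes = rounds that changed the value,
    kinds = sorted names of the decoders that fired at least once."""
    kinds, passes, current = set(), 0, value
    for _ in range(MAX_PASSES):
        changed = False
        for name, decode in DECODERS:
            decoded = decode(current)
            if decoded != current:
                kinds.add(name)
                changed, current = True, decoded
        if not changed:
            break
        passes += 1
    return current, passes, sorted(kinds)


def request_surfaces(target: str, headers: dict) -> dict:
    """Split a request target and headers into the surfaces the text lists:
    path, each raw query value, fragment, and every header value."""
    parts = urlsplit(target)  # urlsplit does not decode percent escapes
    surfaces = {"path": parts.path}
    for pair in filter(None, parts.query.split("&")):
        key, _, raw_value = pair.partition("=")
        surfaces[f"query[{key}]"] = raw_value
    surfaces["fragment"] = parts.fragment
    for name, value in headers.items():
        surfaces[f"header[{name}]"] = value
    return surfaces


def inspect_request(target: str, headers: dict) -> list:
    """Flag surfaces showing double (passes > 1) or mixed (several decoders)
    encoding; single-layer encoding is normal traffic and is not reported."""
    findings = []
    for surface, raw in request_surfaces(target, headers).items():
        canonical, passes, kinds = canonicalize(raw)
        if passes > 1 or len(kinds) > 1:
            findings.append({"surface": surface, "raw": raw, "canonical": canonical,
                             "passes": passes, "kinds": kinds})
    return findings


# Constructed sample request, not captured traffic.
SAMPLE_TARGET = "/search?q=%2527%2520OR%25201%253D1&page=2#%3Cb&gt;"
SAMPLE_HEADERS = {"User-Agent": "curl/8.0", "Referer": "/docs?p=%2527"}
```

Feeding the canonical value, rather than the raw one, into a signature or structural check is what keeps the encoded variants from slipping past it.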

Application Runtime Protection

Using Virsec’s advanced runtime instrumentation technology, embedded controls instantly detect if the application is generating attacker-influenced code for execution on downstream interpreters. Unlike RASP tools, Virsec puts the whole picture together with stateful analysis of complete web transactions, including responses across web servers, app servers, and backend databases. Virsec detects threats the first time, without relying on rules, heuristics, learning or constantly updating signatures.

Actionable Reporting & Forensics

The solution automatically generates comprehensive reports with critical detail, including a risk score, for developers and application owners. These reports precisely pinpoint code flaws with rich contextual attack-related metadata. This enables developers to prioritize remediation efforts, while letting businesses make informed decisions about the risk levels of deployed applications. The solution integrates seamlessly with enterprise ticketing systems such as JIRA, while producing detailed forensic data for third-party GRC solutions.

Compensating Controls During Runtime

Virsec is the first solution to close the loop between development and production, applying the same advanced attack detection during testing and in production. This continuous monitoring and protection approach effectively delivers compensating controls for vulnerabilities that could not be remediated in a timely manner because of time-to-market deadlines.

Virsec is the only testing solution that continuously monitors and protects applications during runtime, and new threats detected during runtime can be automatically reported back to development teams for ongoing remediation.

Built for the Cloud and Containers

Virsec Runtime Application Protection works seamlessly across public/private/hybrid clouds as well as different deployment types such as containers, VMs or even physical machines.

“Virsec’s accuracy in detection and immediacy of protection executed stood out. Once the solution is deployed, protections are in place and there is nothing to do – a shocking revelation compared to other products.”

– Caffeinated Networks Report