Data Theorem announced that it runs on Amazon Web Services (AWS) Security Hub to provide better consolidation of security alerts from its cloud-native application protection platform (CNAPP).
This work helps AWS customers get even better insights from AWS Security Hub to see API, cloud, and web application exposures found by Data Theorem’s analytics engine. The main benefit is to provide AWS customers with unified alerts to quickly respond to potential data breaches.
AWS Security Hub is a cloud-based security posture management service that performs security best practice checks, aggregates alerts, and enables automated remediation. It is designed to provide users with a comprehensive view of their high-priority security alerts and compliance status, by organizing and prioritizing alerts and findings from multiple AWS services, such as Amazon GuardDuty, Amazon Inspector, and Amazon Macie , as well as other security solutions. the AWS Partner Network (APN), such as Data Theorem’s analytics engine. The results are then visually summarized on integrated dashboards with actionable charts and tables.
“Preventing data breaches at the application layer and ensuring DevSecOps teams receive timely notifications helps improve our efforts in the security industry,” said Chitra Elango, senior director of DevSecOps at Fannie. Mae. “AWS Security Hub and Data Theorem continue to drive innovation to help all DevSecOps teams gain more actionable insights.
Protecting APIs, cloud, and web applications is essential for today’s modern organizations. By natively running Data Theorem alerts in AWS Security Hub, customers will gain real-time visibility into the security and compliance of their up-to-date cloud applications directly from the console. This insight gained through the correlation of Data Theorem insights with other data in AWS Security Hub enables customers to more quickly detect risks and potential breaches and take corrective action.
“AWS Security Hub gives organizations the ability to build security and compliance visibility directly into all of their development and modern cloud projects,” said Doug Dooley, COO of Data Theorem. “By offering Data Theorem within AWS Security Hub, IT teams and developers can more easily leverage up-to-date security risk information and uncover new attack vectors in cloud-native applications and APIs, helping thereby preventing data breaches. Data Theorem’s dynamic and runtime analysis with offensive attack surface management and active protection with observability enables organizations to perform continuous and automated security inspection, application telemetry collection and protection running their most important AWS cloud-native applications.
Cloud Secure is the industry’s first solution providing Attack Surface Management (ASM) security for cloud-native applications that starts at the client layer (mobile and web), protects the network layer (REST API and GraphQL) and extends to the underlying infrastructure. (cloud services). Its combination of attack surface management and active execution protections enable offensive and defensive security capabilities to better prevent data breaches of cloud-native applications and serverless cloud functions.
“AWS Security Hub makes it easier for our customers to identify and manage all of their AWS-related security and compliance findings,” said Ely Kahn, product manager, AWS Security Hub. “Customers can also combine these rich findings with additional data from multiple security services, including Data Theorem’s API Secure, Cloud Secure, and Web Secure products, to find additional insights and actionable insights for each identified vulnerability.”
API Secure, Cloud Secure, and Web Secure security alerts from Data Theorem are now available in AWS Security Hub.
Data Theorem’s extensive AppSec portfolio protects organizations against data breaches through application security testing and protection of modern web infrastructure, API-driven microservices, and cloud resources. Its solutions are powered by its award-winning analytics engine, which leverages a new type of dynamic analytics and execution fully integrated with the CI/CD process, and enables organizations to perform continuous, automated security inspections and measurements. .