The Application Security Division of NTT Ltd., a leader in application security, has unveiled The WhiteHat Vantage Platform to provide modern developers and security teams with end-to-end security coverage of web applications and APIs testing throughout the software development lifecycle (SLDC).
Built on top of a powerful and flexible cloud-based SaaS architecture, The WhiteHat Vantage Platform lays the foundation for enterprises to take a simplified approach to application security. By layering three lightning-fast, purpose-built testing solutions at the most critical inflection points of the SDLC, developers and security teams can focus on priority items.
Additionally, the platform features a robust public API that unlocks seamless integrations with teams’ existing tools to streamline workflows, automate application security testing and deliver insights by consolidating results from layered testing solutions.
Alongside the announcement, NTT Application Security revealed Vantage Inspect powered by ShiftLeft, the first solution under The WhiteHat Vantage Platform. Designed to provide a familiar and intuitive experience, Vantage Inspect is a developer-focused solution that combines software composition analysis (SCA), static application security testing (SAST) and infrastructure-as-code technologies to give in-context security feedback within their native code repository.
This direct line of communication allows developers to secure code early in development so critical vulnerabilities are not deployed into pre-production, while also educating developers on best practices for producing higher quality code.
Vantage Inspect powered by ShiftLeft gives enterprises a differentiated ability to:
- Prioritize SCA findings by attackability. Vantage Inspect detects open-source software (OSS) vulnerabilities in applications and uses the power of the Code Property Graph (CPG) to determine if identified vulnerabilities would be exploitable in production. This gives developers the ability to prioritize library patching based not only on vulnerability criticality but also on the likelihood that an attacker will find and exploit a weakness.
- Get up and running quickly with easy onboarding. Vantage Inspect links directly to a GitHub account so teams can get started immediately or use a single-line invocation in the command-line interface (CLI).
- Let teams work within their native environments. Vantage Inspect is invocable through Azure Pipelines, Bamboo, Jenkins, CircleCI, Docker, GoCD, TeamCity, and Travis CI.
In the next phase of the platform launch, NTT Application Security will introduce organizations to Vantage’s patented, intelligence-directed dynamic application security testing (ID-DAST). This technology unlocks the ability for DevOps teams to integrate functional and dynamic security testing at each step of the SDLC and prevent exploitable vulnerabilities from reaching production.
To learn more about The WhiteHat Vantage Platform, go to NTT Application Security’s website.
NTT Application Security will demonstrate The WhiteHat Vantage Platform at RSA 2022, Feb. 7-10, in San Francisco. NTT Application Security will be located in booth number 4525 in the North Hall.