This fully customisable solution, supported by a vast open source community, could help to quickly find, evaluate, prioritise, and fix security threats and vulnerabilities.
Today, Bearer, a provider of data-first security software, announced that its application security technology is now available as open source code. Bearer was tested during development on more than 20,000 open source applications.
Bearer is a Static Application Security Testing (SAST) solution used by engineering and security teams across numerous industries, with one customer alone protecting the private information of more than 75 million medical patients. Bearer is now available as open source code (under the Elastic License). It evaluates the OWASP Top 10 security risks in web applications in a matter of minutes, filters out vulnerabilities, and ranks them according to how they affect sensitive data.
It is extremely difficult for overworked and understaffed teams to successfully manage application security solutions currently on the market, especially SAST products, because they are infamously bad at monitoring business impact. At the same time, data leakage and loss rank among the top worries for most businesses regarding their software technology stack. By focusing application security efforts on resolving issues that directly affect the security of sensitive data, Bearer’s solution efficiently reduces the attack surface for the business and offers a novel solution to both difficulties.
By analysing sensitive data flows in code, Bearer, a data-first solution, evaluates and prioritises security threats and vulnerabilities to indicate what needs immediate attention. Bearer is thorough and identifies 122 different data types, which are categorised in well-known ways including PI, PHI, and Personal Data.
With the average cost of a single data breach in the U.S. now estimated at $9.44 million, Bearer’s technique is a first for the industry and ultimately presents a new paradigm for examining security risks.
“Our goal is to help security and engineering teams ship secure software faster by focusing on what matters the most,” said Guillaume Montard, CEO and co-founder of Bearer. “We empower developers by explaining what the top issues are, why they matter and how to fix them. By making our code open source, we give developers complete control and understanding of our SAST solution, making it easy to customize, extend and take advantage of the rapid innovation cycles and support of a global community of developer peers.”