The case for cloud-based DAST
2023-01-25 23:00:43 Author: www.synopsys.com (view original)

Reduce complexity, increase scalability, improve cost-efficiency, and strengthen backup / disaster recovery with a DAST solution like WhiteHat Dynamic.


Despite the proliferation of application security testing (AST) tools in use today, the vast majority of organizations knowingly push vulnerable code to production. Nearly 70% of respondents in a recent survey reported using 11 or more AST tools on more than half their codebase, and 69% of them rated the effectiveness of their security program as an 8 or higher on a scale of 1 to 10. And yet, nearly 80% of the same organizations admitted pushing code with known vulnerabilities to production at least occasionally (with nearly 50% admitting doing it regularly).

It’s no secret that software complexity and speed of development are the main culprits. Security teams simply can’t keep up. At the same time, malicious hackers are homing in on vulnerabilities in web applications. According to Forrester, applications are the most common attack vector, and web application exploits are the third-most common type of attack. So what’s an organization to do when the need to produce more applications more quickly collides with the need to secure them?

DAST to the rescue

Dynamic application security testing (DAST) scans live applications in their running environments, providing a real-time map of an organization’s attack surface and an understanding of its true risk posture. The emphasis on “shift left” and securing applications in development has not resulted in a reduction of breaches. If anything, breaches are more common (and more dangerous) than ever.

If the ultimate goal is a digital future free of breaches, DAST must play a central role. After all, DAST finds the actual vulnerabilities that put an organization and its end users at risk. Insights from DAST can also help security and development teams better configure their static application security testing (SAST) and software composition analysis (SCA) parameters and influence more secure coding practices.

A modern DAST solution offers several key benefits for organizations testing their web applications and frameworks.

  • Full visibility into risks and the front line of defense
  • Intelligent remediation via machine learning that automates the prioritization of results
  • Continuous and on-demand scanning to automatically detect vulnerabilities as web applications evolve
  • Production-safe scans without any downtime that save resources and cost

Why cloud-based DAST?

With so many organizations running so many AST tools and yet remaining vulnerable to attack, it’s safe to say that security and development teams are not remediating all the findings their tools are flagging. To this end, the best AST tools are the ones that get adopted, utilized, and responded to.

A report by 451 Research titled “Voice of the Enterprise” showed the greatest AST tool inhibitors include

  • Lack of staff expertise: 37%
  • Solution complexity: 25%
  • Complexity in setting up: 24%
  • Solution usability: 23%
  • Inadequate staffing: 20%

Unfortunately, legacy DAST tools deployed on-premises exacerbate many of these usability challenges.

  • They require specialized staff to orchestrate the tools, define pathways, and confirm vulnerabilities exist.
  • They make it difficult to test in production environments due to firewall and preproduction complexities.
  • They require costly hardware to implement and run.
  • They require in-house maintenance, updates, and upgrades.

These challenges lead to longer implementation times, inability to scale as needed, more cost with lower adoption, and reduced ROI.

By comparison, a cloud-based DAST solution such as WhiteHat Dynamic that is delivered as software-as-a-service (SaaS) offers ease of use, scalability, cost-effectiveness, and backup / disaster recovery.

Ease of use

Cloud-based DAST requires the URL of the website to scan. That’s it. The tool tests applications the way an attacker would: in their running environments the way they were intended to run. Results are vetted to reduce false positives, so development teams don’t get buried in remediation efforts, increasing developer buy-in.
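To make the "URL in, findings out" model concrete, here is an added example (not WhiteHat Dynamic's code, nor anything from Synopsys) of the kind of passive, production-safe check a DAST scanner performs on a live response: it parses an HTTP response, flags missing browser security headers and weak cookie attributes, and attaches a severity so findings arrive prioritized rather than as a raw list. The required-header policy is an assumption for illustration, and both sample responses are constructed inline so the script runs offline.

```python
"""Passive DAST-style response check (added example, not vendor code).

Only the response is inspected; nothing is sent beyond an ordinary GET,
which is what makes this kind of check safe to run against production.
"""
from dataclasses import dataclass
from typing import Dict, List, Tuple
from urllib.parse import urlparse

# Assumed header policy for this example: what a production app is expected to send.
REQUIRED_HEADERS = {
    "strict-transport-security": "HSTS missing: browsers may still connect over plain HTTP",
    "content-security-policy": "CSP missing: impact of an XSS bug is not constrained",
    "x-content-type-options": "nosniff missing: MIME sniffing possible",
    "x-frame-options": "framing not restricted: clickjacking possible",
}


@dataclass
class Finding:
    url: str
    severity: str
    message: str


def parse_response(raw: str) -> Tuple[int, List[Tuple[str, str]], str]:
    """Split a raw HTTP/1.1 response into (status code, [(name, value)], body)."""
    head, _, body = raw.partition("\r\n\r\n")
    lines = head.split("\r\n")
    status = int(lines[0].split()[1])
    headers = []
    for line in lines[1:]:
        name, _, value = line.partition(":")
        headers.append((name.strip().lower(), value.strip()))
    return status, headers, body


def check_response(url: str, raw: str) -> List[Finding]:
    """Run the passive checks against one response fetched from `url`."""
    status, headers, _ = parse_response(raw)
    present = {name for name, _ in headers}
    scheme = urlparse(url).scheme
    findings: List[Finding] = []

    for name, msg in REQUIRED_HEADERS.items():
        # HSTS is ignored by browsers on plain HTTP, so do not report it there.
        if name == "strict-transport-security" and scheme != "https":
            continue
        if name not in present:
            findings.append(Finding(url, "medium", msg))

    for name, value in headers:
        if name != "set-cookie":
            continue
        cookie = value.split("=", 1)[0]
        attrs = {a.strip().split("=")[0].lower() for a in value.split(";")[1:]}
        if scheme == "https" and "secure" not in attrs:
            findings.append(Finding(url, "medium", f"cookie {cookie} lacks Secure"))
        if "httponly" not in attrs:
            findings.append(Finding(url, "low", f"cookie {cookie} lacks HttpOnly"))

    if status >= 500:
        findings.append(Finding(url, "low", f"server error {status} on a normal request"))
    return findings


# Constructed sample responses (not captured from any real site).
WEAK_RESPONSE = (
    "HTTP/1.1 200 OK\r\n"
    "Content-Type: text/html\r\n"
    "Set-Cookie: session=abc123; Path=/\r\n"
    "\r\n"
    "<html><body>hello</body></html>"
)
HARDENED_RESPONSE = (
    "HTTP/1.1 200 OK\r\n"
    "Content-Type: text/html\r\n"
    "Strict-Transport-Security: max-age=63072000; includeSubDomains\r\n"
    "Content-Security-Policy: default-src 'self'\r\n"
    "X-Content-Type-Options: nosniff\r\n"
    "X-Frame-Options: DENY\r\n"
    "Set-Cookie: session=abc123; Path=/; Secure; HttpOnly; SameSite=Lax\r\n"
    "\r\n"
    "<html><body>hello</body></html>"
)


def scan_samples() -> Dict[str, List[Finding]]:
    """Simulate scanning two onboarded URLs; hostnames are placeholders."""
    return {
        "https://weak.example.test/": check_response("https://weak.example.test/", WEAK_RESPONSE),
        "https://hardened.example.test/": check_response("https://hardened.example.test/", HARDENED_RESPONSE),
    }


if __name__ == "__main__":
    for url, findings in scan_samples().items():
        print(f"{url}: {len(findings)} finding(s)")
        for f in sorted(findings, key=lambda f: f.severity):
            print(f"  [{f.severity}] {f.message}")
```

Real scanners add crawling, authentication, and active checks on top of this, but the shape is the same: a URL is the only input, the checks observe the application as deployed rather than its source, and each finding carries a severity so teams can triage instead of wading through an undifferentiated list.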

Scalability

As businesses grow and the number of web applications increases, security testing and remediation become exponentially more complex. Scaling the testing effort is often unfeasible due to resource and cost constraints. SaaS solves both issues with economy of scale: onboarding 100 web applications is the same as onboarding 10. WhiteHat Dynamic can onboard and test over 10,000 websites concurrently.

Cost-effectiveness

Anything that brings complexity also brings cost. On-premises solutions requiring personnel and hardware to implement and maintain will cost more than a cloud-based solution. Every organization has different needs, but it’s generally less expensive to outsource tooling and maintenance than to absorb it in-house.

Backup / disaster recovery

System failure presents a host of fallouts, internal and external—but all bad. Internal resources that are already stretched become that much more so, and damage to brand reputation and revenue, plus potential legal issues, make for a perfect storm that can present existential risk to some businesses. With a cloud solution, that risk is absorbed by the provider. Quick response times ensure businesses keep running without impact on performance or the bottom line.

SaaS DAST is the best DAST

Many organizations are realizing their legacy AST tools are inadequate in today’s development environment. Most of these tools were developed exclusively for on-premises deployment. In addition to the onboarding and maintenance overheads, these legacy AST tools created bottlenecks for organizations, exhausting time and resources, and adding costs. Already-inundated development and security teams were forced to weed through boatloads of false positives, further eroding the trust between developers and security staff.

By implementing DAST as a SaaS solution, organizations can realize the benefits of testing web applications in their production environments without running up costs or overburdening in-house teams. The resulting benefits of ease of use, scalability, cost-effectiveness, and backup / disaster recovery make cloud-based DAST a no-brainer for organizations looking to scale their security coverage without sacrificing business growth.

Learn more about WhiteHat Dynamic


Article source: https://www.synopsys.com/blogs/software-security/cloud-based-dast-whitehat-dynamic/