DevOps.com

  • Latest
    • Articles
    • Features
    • Most Read
    • News
    • News Releases
  • Topics
    • AI
    • Continuous Delivery
    • Continuous Testing
    • Cloud
    • Culture
    • DataOps
    • DevSecOps
    • Enterprise DevOps
    • Leadership Suite
    • DevOps Practice
    • ROELBOB
    • DevOps Toolbox
    • IT as Code
  • Videos/Podcasts
    • Techstrong.tv Podcast
    • Techstrong.tv - Twitch
    • DevOps Unbound
  • Webinars
    • Upcoming
    • Calendar View
    • On-Demand Webinars
  • Library
  • Events
    • Upcoming Events
    • Calendar View
    • On-Demand Events
  • Sponsored Content
  • Related Sites
    • Techstrong Group
    • Cloud Native Now
    • Security Boulevard
    • Techstrong Research
    • DevOps Chat
    • DevOps Dozen
    • DevOps TV
    • Techstrong TV
    • Techstrong.tv Podcast
    • Techstrong.tv - Twitch
  • Media Kit
  • About
  • Sponsor
  • AI
  • Cloud
  • CI/CD
  • Continuous Testing
  • DataOps
  • DevSecOps
  • DevOps Onramp
  • Platform Engineering
  • Sustainability
  • Low-Code/No-Code
  • IT as Code
  • More
    • Application Performance Management/Monitoring
    • Culture
    • Enterprise DevOps
    • ROELBOB
Hot Topics
  • Innersourcing Open Source Principles in the Enterprise
  • Survey Surfaces Major Observability Challenges
  • Generative AI: The 90% Rule
  • Oracle Previews Latest Java 21 Innovations
  • Buildkite Acquires Packagecloud to Streamline DevOps Workflows

Editorial Calendar RSA WhiteHat Security Allies With Bit Discovery on Vulnerability Intelligence

WhiteHat Security Allies With Bit Discovery on Vulnerability Intelligence

Avatar photoBy: Mike Vizard on May 17, 2021 Leave a Comment

WhiteHat Security, a subsidiary of NTT, has announced an integration with Bit Discovery to make it easier for developers and cybersecurity teams to discover the extent to which the attack surface they need to defend might be impacted by a vulnerability.

Bit Discovery maintains a database made up of more than 5 billion internet-connected assets and hundreds of third-party resources to automatically generate an inventory of the assets that make up an organization’s attack surface. Bit Discovery continuously scans internet-connected assets to monitor new domains, phishing sites and connected devices to provide cybersecurity teams with a deeper understanding of the threats their organization faces.

WhiteHat Security integrated its application security platform for scanning for application vulnerabilities with the Bit Discovery database via application programming interfaces (APIs) to make it possible to search that database via a dashboard. All vulnerabilities surfaced via that dashboard are verified by WhiteHat’s Threat Research Center, a team of application security experts, to reduce any potential alerts that might actually be false positives.

DataOps Day 2023Sponsorships Available

Craig Hinkley, WhiteHat Security CEO, said the goal is to make it simpler for organizations to shift more responsibility for applications security left toward developers in a way that doesn’t result in them chasing their tail every time a new vulnerability is discovered. Instead, a virtuous cycle of workflows can be created that enables developers and cybersecurity teams to collaborate more effectively, Hinkley added.

Ultimately, the goal is to make scanning for application vulnerabilities a more natural extension of any quality assurance process. The simple fact that there is so much focus today on DevSecOps best practices only highlights how much work there is to be done before security becomes just another routine gate within an automated DevOps workflow, noted Hinkley.

In the meantime, unfortunately, cybersecurity teams are finding it increasingly difficult to keep pace with the rate at which applications are being developed and updated. The Bit Discovery database integration provides a way for cybersecurity teams to have more relevant conversations with developers about which vulnerabilities need to be prioritized based on the actual threat they represent to the organization. In the absence of that integration, security becomes a losing battle, simply because developers and cybersecurity teams both are overwhelmed by the volume of vulnerabilities that would otherwise need to be investigated on their own without any assistance.

The integration between WhiteHat Security and Bit Discovery comes at a time when the focus on software supply chains has increased significantly in the wake of a series of recent high-profile breaches. More attention is now being paid to preventing malware from finding its way into the application development process. The challenge is finding a way to provide developers with actionable insights into risks that need to be mitigated before and after an application is deployed in a production environment. After all, vulnerabilities are just as often discovered after an application is deployed as they are before.

It may be a while before most organizations are able to implement a robust set of DevSecOps best practices, but the more reliable the vulnerability intelligence being provided to developers, the more likely it becomes they will act on it before a cybercriminal exploits it.

Recent Posts By Mike Vizard
  • Survey Surfaces Major Observability Challenges
  • Oracle Previews Latest Java 21 Innovations
  • Buildkite Acquires Packagecloud to Streamline DevOps Workflows
Avatar photo More from Mike Vizard
Related Posts
  • WhiteHat Security Allies With Bit Discovery on Vulnerability Intelligence
  • Cybersecurity Fears May Drive Shift to Managed DevOps
  • Noetic Cyber and Rumble Partner to Provide Complete Visibility into Organizations’ Cyber Assets and Attack Surface
    Related Categories
  • DevOps Practice
  • DevSecOps
  • Features
  • RSA
    Related Topics
  • application monitoring
  • Bit Discovery
  • Cybersecurity
  • devsecops
  • WhiteHat Security
Show more
Show less

Filed Under: DevOps Practice, DevSecOps, Features, RSA Tagged With: application monitoring, Bit Discovery, Cybersecurity, devsecops, WhiteHat Security

« Cloud Governance Can Trim Cloud Costs
Illusive Donates Security Resources and Charitable Contributions to Highlight Organizational Risk »

Techstrong TV – Live

Click full-screen to enable volume control
Watch latest episodes and shows

Upcoming Webinars

What AI Doesn't Know About Kubernetes in Production
Thursday, September 21, 2023 - 12:00 pm EDT
The Benefits of Accelerating Your Application Modernization Journey With AWS
Thursday, September 21, 2023 - 1:00 pm EDT
Cloud Security Turbocharged: A Wild Ride of Innovation, Threats and Staying Ahead
Friday, September 22, 2023 - 11:00 am EDT

GET THE TOP STORIES OF THE WEEK

Sponsored Content

JFrog’s swampUP 2023: Ready for Next 

September 1, 2023 | Natan Solomon

DevOps World: Time to Bring the Community Together Again

August 8, 2023 | Saskia Sawyerr

PlatformCon 2023: This Year’s Hottest Platform Engineering Event

May 30, 2023 | Karolina Junčytė

The Google Cloud DevOps Awards: Apply Now!

January 10, 2023 | Brenna Washington

Codenotary Extends Dynamic SBOM Reach to Serverless Computing Platforms

December 9, 2022 | Mike Vizard

Latest from DevOps.com

Innersourcing Open Source Principles in the Enterprise
September 21, 2023 | Bill Doerrfeld
Survey Surfaces Major Observability Challenges
September 20, 2023 | Mike Vizard
Generative AI: The 90% Rule
September 20, 2023 | Don Macvittie
Oracle Previews Latest Java 21 Innovations
September 19, 2023 | Mike Vizard
Buildkite Acquires Packagecloud to Streamline DevOps Workflows
September 19, 2023 | Mike Vizard

TSTV Podcast

On-Demand Webinars

DevOps.com Webinar ReplaysDevOps.com Webinar Replays

Most Read on DevOps.com

CloudBees Unfurls Dual CI/CD Strategy at DevOps World Event
September 14, 2023 | Mike Vizard
CloudBees CEO: State of Software Development is a Disaster
September 14, 2023 | Mike Vizard
Google De-Recruits 100s of Recruiters ¦ ARM Valued at $45½B in IPO
September 14, 2023 | Richi Jennings
Why Enterprises Should Embrace Data-Driven Software Management
September 15, 2023 | Alex Circei
Summit Highlights Open Source Software Security Progress
September 14, 2023 | Mike Vizard
  • Home
  • About DevOps.com
  • Meet our Authors
  • Write for DevOps.com
  • Media Kit
  • Sponsor Info
  • Copyright
  • TOS
  • Privacy Policy

Powered by Techstrong Group, Inc.

© 2023 ·Techstrong Group, Inc.All rights reserved.