▾ G11 Media Network: | ChannelCity | ImpresaCity | SecurityOpenLab | Italian Channel Awards | Italian Project Awards | Italian Security Awards | ...
InnovationOpenLab

DryRun Security Introduces Contextual Security Analysis (CSA) Guide for AppSec

DryRun Security, a pioneering company addressing the gap between security and developers, is thrilled to unveil their new Contextual Security Analysis guide, catered to AppSec professionals and develo...

Business Wire

Complimentary Guide Presents Insights and Solutions to Enable Developers to Efficiently Implement CSA

AUSTIN, Texas: DryRun Security, a pioneering company addressing the gap between security and developers, is thrilled to unveil their new Contextual Security Analysis guide, catered to AppSec professionals and developers. The guide, accessible at www.dryrun.security/resources/csa-guide, equips readers to scale application security across their organization. This resource offers valuable insights on security testing that fits with modern development practices at organizations using DevOps or Agile methodologies for software delivery.

Contextual Security Analysis (CSA) represents a novel approach to application security that centers on comprehending an application's functionality, identifying sensitive components, and assessing the potential security implications of code changes. CSA leverages contextual cues gathered during code development, such as code paths, functions, authors, and languages, to facilitate real-time context-aware assertions. This approach is particularly effective for modern applications characterized by distribution, microservices architecture, and substantial reliance on APIs and third-party elements. The guide from DryRun Security is an essential tool to understanding how developers can secure their applications without being security experts.

“When developers outnumber security 100 to 1, a different approach is needed,” said Ken Johnson, Co-founder & CTO, DryRun Security. “This guide pulls from my experience at GitHub, where every piece of work we performed involved calculating risk. At GitHub, we used a risk metric to guide our efforts in everything from vulnerability triage to security reviews and everywhere in between. We constantly made these risk calculations and risk-based decisions, and we did so utilizing a multitude of variables and contextually relevant data. We didn’t call it Contextual Security Analysis at the time, but looking back now that really was the origin story for Contextual Security Analysis.”

Brian Walter, CEO of OpenContext, attests to the value of Contextual Security Analysis: "DryRun Security has guided us in uncovering security vulnerabilities within lesser-explored areas of our code. Their mission aligns seamlessly with our organization's ethos, as our developer team holds security in high regard. DryRun Security technology empowers our developers to preemptively address issues during the build phase, ensuring the delivery of a secure end product to our customers." Walter anticipates that the guide will facilitate the implementation and scalability of novel application security testing, and align the security and development groups in larger organizations.

The Contextual Security Analysis guide seamlessly aligns with DryRun Security's overarching objective of bridging the gap between security and developers. This initiative presents developers, who notably outnumber security professionals, with a robust solution and guidance for CSA implementation. As the company remains at the forefront of CSA innovation, this guide expands on the security training and industry presentations Johnson and James Wickett, CEO of DryRun Security, have delivered on the subject. Notably, the DryRun Security beta program has already provided tangible instances of contextual security analysis in action, drawing significant interest for its ability to bridge the development and security divide.

For more details about DryRun Security and to access the free CSA Guide, please visit https://www.dryrun.security/.

***

About DryRun Security: DryRun Security stands as a pioneering software security enterprise, delivering automated security reviews in tandem with code development. Founded by James Wickett and Ken Johnson, the company introduces an inventive approach through Contextual Security Analysis, an exclusive method refined by training over 10,000 developers in security testing and code reviews. This innovative approach empowers developers and security teams to transcend conventional security assessment approaches, proactively addressing potential bugs prior to deployment. To learn more, please visit https://dryrun.security/.


Contacts

Aaron Berger for DryRun Security
aaron.berger@asbstrategies.com
917-355-8959



Comunicato stampa - Responsabilità editoriale di Business Wire

Vedi la versione originale su businesswire.com:
http://www.businesswire.com/news/home/20230815640856/en/DryRun-Security-Introduces-Contextual-Security-Analysis-CSA-Guide-for-AppSec/

If you liked this article and want to stay up to date with news from InnovationOpenLab.com subscribe to ours Free newsletter.

Related news

Last News

RSA at Cybertech Europe 2024

Alaa Abdul Nabi, Vice President, Sales International at RSA presents the innovations the vendor brings to Cybertech as part of a passwordless vision for…

Italian Security Awards 2024: G11 Media honours the best of Italian cybersecurity

G11 Media's SecurityOpenLab magazine rewards excellence in cybersecurity: the best vendors based on user votes

How Austria is making its AI ecosystem grow

Always keeping an European perspective, Austria has developed a thriving AI ecosystem that now can attract talents and companies from other countries

Sparkle and Telsy test Quantum Key Distribution in practice

Successfully completing a Proof of Concept implementation in Athens, the two Italian companies prove that QKD can be easily implemented also in pre-existing…

Most read

New Study from UK’s Largest Virtual ADHD Service Validates Role of Objective…

As demand for virtual ADHD care increases, findings from a new study conducted with ADHD 360, the UK’s largest evidence-based digital service specializing…

Mogo to Participate in the D. Boral Capital Inaugural Global Conference

Mogo Inc. (NASDAQ:MOGO) (TSX:MOGO) (“Mogo” or the “Company”), a digital wealth and payments business, today announced that it will be participating in…

Nanyang Biologics and Precisya Global Inc Announce Strategic Collaboration…

Nanyang Biologics (NYB) and Precisya Global Inc (PGI) announce a strategic collaboration to leverage our technologies in validating potential therapeutic…

Infrrd's Recognition as ‘IDP Innovator of the Year’ by Deep Analysis:…

#agenticAI--Infrrd, a global leader in Intelligent Document Processing (IDP), has been awarded the IDP Innovator of the Year by Deep Analysis. This recognition…

Newsletter signup

Join our mailing list to get weekly updates delivered to your inbox.

Sign me up!