Digital transformation initiatives drive organizations to become software-centric, as developers quickly deliver capabilities designed to stay ahead of the competition. To enable such a CI/CD pipeline, many organizations turn to the cloud – notably Amazon Web Services – for the flexible infrastructure that supports the rapid development and delivery of software, such as microservices.
This push towards rapid software delivery is not without its challenges, and the importance of risk and vulnerability management cannot be understated. In fact, at the Gartner Security & Risk Management Summit last week, the research firm shared the 10 most important security projects this year for IT risk management leaders to consider; cloud security, container security and vulnerability management all feature prominently.
This week, AWS re:Inforce convenes in Boston as the first conference focused specifically on AWS security. AWS has made great advancements in the security offerings it delivers, including the AWS Security Hub service, which launched last November to help prioritize alerts from AWS and partner security technologies.
That said, the question remains: as organizations leverage AWS to deliver a continuous stream of applications, how can they comprehensively address risk and vulnerabilities through the software development lifecycle?
Risk & Vulnerability Management throughout the SDLC
As customers leverage AWS as part of their software development programs, gaining a comprehensive view of risk across becomes challenging. To address this, ZeroNorth is unveiling a new integration with AWS Security Hub at re:Inforce to help organizations proactively manage software and infrastructure vulnerabilities in the cloud. (Tweet This!)
The ZeroNorth platform integration with AWS Security Hub provides a comprehensive view of application and infrastructure security across AWS, from custom code development, to open source libraries, to applications moving towards production. It puts risk into the context of the customers’ application development and delivery process, across the entire software development stack.
Through our integration with AWS Security Hub, ZeroNorth customers can now:
- Ingest, correlate and prioritize data from AWS Security Hub partners, in addition to the other application and infrastructure scanning tools they may have in place
- Gain a real-time view into vulnerabilities and misconfigurations across AWS cloud infrastructure, correlate the data across software and infrastructure scanning tools, and prioritize risk for remediation
- Identify vulnerabilities in the AWS servers used to develop and deploy applications
- Deliver tickets to developers based on the consolidated view of vulnerability data – greatly streamlining remediation
ZeroNorth streamlines the previously manual process of managing dozens of different scanning tools – and this integration is a major step forward in bringing the power of our security orchestration platform to the cloud.
We have a few other very exciting features that we’ll be introducing in a significant update to the ZeroNorth platform that we’ll be announcing soon – this is just the first.
*** This is a Security Bloggers Network syndicated blog from Blog | ZeroNorth authored by ZeroNorth. Read the original post at: https://www.zeronorth.io/blog/risk-visibility-across-the-app-stack-cloud-zeronorth-unveils-integration-with-aws-security-hub/