Contrast Securityย (Contrast), the code security platform built for developers and trusted by security, announced the expansion of its Contrast Serverless Application Security (Contrast Serverless) offering to support Microsoft Azure Functions and enable customers to quickly scan for security vulnerabilities on multi-cloud environments.
Organizations are rapidly adopting serverless and cloud-native development due to their inherent benefits. However, companies struggle to understand what applications are fully secured due to public cloud providersโ โshared responsibility security model,โ especially if theyโre leveraging multi-cloud IT strategies. According to the Forrester Avoid The Security Inconsistency Pitfalls Transitioning To Serverless 2022 report, โdata showsย 74%ย of infrastructure decision-makers at firms that are adopting public cloud use two or more public clouds and 17% are using five or more. Therefore, itโs no surprise thatย 82% of cloud usersย have experienced security events due to confusion over shared responsibility security models.โ Contrast Serverless meets the demands of organizations requiring a new security tooling purposely built to evaluate serverless risks while protecting against common vulnerabilities (CVEs), detecting misconfigurations and uncovering user privilege issues within a single interface.
โWith the tremendous adoption of Microsoft Azure Functions by customers around the globe, weโre glad to see a partner like Contrast Security deliver a modern approach to help those organizations optimize their serverless security,โ saidย Tony Surma, Chief Technology Officer, US Partners, Microsoft. โSupporting proper permissions settings and uncovering vulnerable code with suggested remediation is an essential part of a secure modern application platform.โ
CIO INFLUENCE: Apprentice Now Joins Amazon Web Services Training Partner Program to Deliver AWS Cloud Skills Training
With the addition of Microsoft Azure Functions support, organizations will be able to evaluate their serverless application risk on both Amazon Web Services (AWS) and Microsoft platforms from a single offering, as well as other benefits including:
- Complete visibility of cloud-native serverless functions within the application to enable AppSec team to monitor the organizationโs serverless posture at all times.
- Statically scan for vulnerabilities in open source dependencies used within applications and custom code.
- Detect misconfigurations.
- Uncover least privilege issues based on Microsoft Azure function policy roles and active directory configurations.
- Generate a contextual Microsoft Azure Functions risk score based on the above methods enabling teams to address the highest risk issues first.
- Ability to apply remediation on function code both in AWS and/or Microsoft Azure environments.
โThe ability to analyze access permissions, evaluate the security posture of open source components and identify attack surfaces together provides organizations with the context and precision needed to assess serverless application security risks. This combined with the added benefit of uncovering high-priority issues during the development process โ and not after the fact when the application has already been made publicly available โ is a unique value delivered by Contrast,โ saidย Steven Phillips, Vice President of Product Marketing at Contrast Security. โDevelopers can now efficiently secure cloud-native applications and take advantage of best-of-breed offerings from multiple hyper-scale cloud providers.โ
CIO INFLUENCE: PlainID Launches The PlainID Technology Network to Enable Identity Aware Security for Advanced Access Control
[To share your insights with us, please write toย sghosh@martechseries.com]
