CIO Influence
CIO Influence News Security

DryRun Security Introduces Contextual Security Analysis (CSA) Guide for AppSec

DryRun Security Introduces Contextual Security Analysis (CSA) Guide for AppSec

Complimentary Guide Presents Insights and Solutions to Enable Developers to Efficiently Implement CSA

DryRun Security, a pioneering company addressing the gap between security and developers, is thrilled to unveil their new Contextual Security Analysis guide, catered to AppSec professionals and developers. The guide, accessible , equips readers to scale application security across their organization. This resource offers valuable insights on security testing that fits with modern development practices at organizations using DevOps or Agile methodologies for software delivery.

Latest CIO  Interview: CIO Influence Interview with Shirley Salzman, CEO and Co-Founder at SeeMetrics

“When developers outnumber security 100 to 1, a different approach is needed”

Contextual Security Analysis (CSA) represents a novel approach to application security that centers on comprehending an application’s functionality, identifying sensitive components, and assessing the potential security implications of code changes. CSA leverages contextual cues gathered during code development, such as code paths, functions, authors, and languages, to facilitate real-time context-aware assertions. This approach is particularly effective for modern applications characterized by distribution, microservices architecture, and substantial reliance on APIs and third-party elements. The guide from DryRun Security is an essential tool to understanding how developers can secure their applications without being security experts.

Read More About CIO InterviewCIO Influence Interview with Joe Ramieri, VP of North America at Instabase

“When developers outnumber security 100 to 1, a different approach is needed,” said Ken Johnson, Co-founder & CTO, DryRun Security. “This guide pulls from my experience at GitHub, where every piece of work we performed involved calculating risk. At GitHub, we used a risk metric to guide our efforts in everything from vulnerability triage to security reviews and everywhere in between. We constantly made these risk calculations and risk-based decisions, and we did so utilizing a multitude of variables and contextually relevant data. We didn’t call it Contextual Security Analysis at the time, but looking back now that really was the origin story for Contextual Security Analysis.”

Brian Walter, CEO of OpenContext, attests to the value of Contextual Security Analysis: “DryRun Security has guided us in uncovering security vulnerabilities within lesser-explored areas of our code. Their mission aligns seamlessly with our organization’s ethos, as our developer team holds security in high regard. DryRun Security technology empowers our developers to preemptively address issues during the build phase, ensuring the delivery of a secure end product to our customers.” Walter anticipates that the guide will facilitate the implementation and scalability of novel application security testing, and align the security and development groups in larger organizations.

The Contextual Security Analysis guide seamlessly aligns with DryRun Security’s overarching objective of bridging the gap between security and developers. This initiative presents developers, who notably outnumber security professionals, with a robust solution and guidance for CSA implementation. As the company remains at the forefront of CSA innovation, this guide expands on the security training and industry presentations Johnson and James Wickett, CEO of DryRun Security, have delivered on the subject. Notably, the DryRun Security beta program has already provided tangible instances of contextual security analysis in action, drawing significant interest for its ability to bridge the development and security divide.

Browse The Complete Interview About CIO : CIO Influence Interview with Michael Berthold, CEO at KNIME

 [To share your insights with us, please write to sghosh@martechseries.com] 

Related posts

SentinelOne Unveils Singularity Vulnerability Mapping for Autonomous Vulnerability Assessment

Samsung New Galaxy S22 Series is Now Available on AT&T’s 5G Network – and Everyone Gets Our Best Offer

CIO Influence News Desk

Accolite Digital Acquires Abyeti Technologies

CIO Influence News Desk