SecurityBrief UK - Technology news for CISOs & cybersecurity decision-makers
Story image
Backslash Security unveils game-changing AppSec platform
Fri, 3rd Nov 2023

Today, Tel Aviv-based Backslash Security announced the general availability of its innovative Application Security Posture Management (ASPM) platform designed for enterprise AppSec and product security teams. The sophisticated single platform is set to tackle the critical AppSec challenge of risk prioritisation, offering unique application-centric visibility intertwined with comprehensive cloud-context technology.

The revolutionary platform brings together a range of core AppSec functionalities such as Package Reachability, SCA, SAST, SBOM, VEX, and secrets detection, effectively reducing 99% of the security noise traditionally generated with these tools. What sets the Backslash ASPM solution apart is its singular ability to not only detect vulnerabilities on multiple fronts, but to prioritise them based on reachability and potential exploitability. This amalgamation of reachability analysis with risk assessment exposes hidden risks and offers an all-inclusive understanding of high-risk vulnerabilities and their real world impact.

Modern day AppSec teams often spend half or more of their time grappling with a daunting volume of vulnerabilities identified by multiple tools. The ensuing sense of being overwhelmed often leads to more extended remediation timeframes, hence putting organisations at risk due to less secure code. The newly launched ASPM tool combats this challenge by offering an integrated, continuous and holistic snapshot of an organisation's application security posture.

Heralded as an industry game-changer, Gartner's 'Innovation Insight for Application Security Posture Management' report anticipates that more than 40% of organisations developing their own applications will adopt ASPM by 2026 as a faster way to identify and resolve application security issues. Ori Assaraf, Vice President, R&D at Centrica-owned firm, Panoramic Power, endorses this sentiment, "We used to be overwhelmed on a daily basis by the amount of alerts we would get... For the first time we have a solution that actually finds real risks and helps us make sense of them."

Key features of the Backslash ASPM platform include comprehensive reachability analysis, native security analysis detection, toxic flow analysis, automated vulnerability and threat modelling, and direct remediation capabilities. The innovative toxic flow analysis can identify one critical toxic flow for every one hundred security alerts produced by other tools, substantially reducing alert fatigue and enabling teams to address high risk vulnerabilities first.

Arguing the importance of prioritisation, Backslash's co-founder and chief executive offcier, Shahar Man suggests, "AppSec teams need to cut through the noise and focus on what matters most – and this means understanding which vulnerabilities are exploitable. Backslash draws inspiration from the agile workflows we see in software development – just as devs have shortened and streamlined their cycles, we can now shorten and streamline ours."

The Backslash ASPM platform is available for general use, offering security professionals the ability to focus on high-risk, exploitable vulnerabilities to keep pace with their developer counterparts.