Concept: Californian startup ArmorCode has launched an application security posture management platform called AppSecOps for enterprises to consolidate application security tooling and streamline application security processes. Continuous visibility and actionable insight for posture, vulnerability, and compliance management can help decrease security and compliance risks while improving business agility, and developer productivity.
Nature of Disruption: AppSecOps platform integrates AppSec posture management, DevSecOps (development, security, and operations) workflow automation, vulnerability management, and continuous compliance. App security findings from tools for static application security testing (SAST), dynamic application security testing (DAST), and software composition analysis (SCA) are centralized in the application security posture management solution. It prioritizes the results, minimizes overall triage time, and acts as a central repository for application security issues and fixes. It also enables the creation, sharing, administration, and tracking of SLAs (service-level agreements) and automated DevSecOps workflows. To scale best practices to all developers and AppSec team members, the platform provides an Extensive and Extensible AppSec Knowledge Base. It provides 360-degrees DevSecOps Ecosystem Integration with over 80 security, development, and operational products and systems. Through automation and a knowledge base of best practices, the platform assists organizations in eliminating tedious, and repetitive work across development, security, and operations teams.
Outlook: Over the years, application development has shifted from waterfall to agile, and from monolithic application architecture to microservices deployed at the edge. Because releases are now done on a weekly or even daily basis, once-a-year compliance is no longer sufficient; nevertheless, application security and compliance tools haven’t managed to keep up. ArmorCode’s AI-powered enterprise cloud security posture management aims to address these issues by assisting businesses in managing increasingly complex application security environments. It claims that companies can significantly simplify and speed application security while saving up to 50% on costs. ArmorCode has a $3M in a seed funding round led by Sierra Ventures in January 2022. It plans to use the funds to expand its workforce and platform’s capabilities.