Spectral DeepConfig detects software misconfigurations at all layers to prevent breaches

2021-08-08 02:00

Spectral announced the release of DeepConfig, a detection technology that can identify misconfigurations at all layers of software to prevent exploits of security gaps and data breaches.

Spectral's DeepConfig is the first solution that can detect misconfigurations at all layers of software, including the infrastructure layer and the data layer, which is composed of products like Elastic, MySQL, Redis, Memcache, and more.

DeepConfig also detects issues in the app framework layer, where we find popular app frameworks like Rails, Django, and others, as well as the app layer by scanning for API misconfiguration and other mistakes in code.

Current solutions tend to focus on detection at the infrastructure layer of software only, such as scanning for Kubernetes and CloudFormation misconfigurations.

"Software tends to grow in complexity faster than our ability to tame it, and it's not just the infrastructure layer that can grow to be complex," said Dotan Nahum, Spectral's co-founder and CEO. "If we take Kubernetes as an example - it's not just Kubernetes itself that can suffer from misconfiguration but what's running inside Kubernetes, it's also vulnerable to the same issues and it can be breached. Imagine running a fully secure Kubernetes cluster but within it a misconfigured Elastic cluster that goes undetected, is exposing all of your data to hackers. Spectral now provides a one-stop-shop for all of that. You just update your Spectral version and you've got it."

DeepConfig joins Spectral's existing scanning technology, fondly named DeepSecret, which is the market-leading secret scanning solution supporting over 500 different detectors for shapeless data, code, binary and more.

News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/n8LIgy2nO1A/

#breaches