New Relic launches Interactive Application Security Testing

Accelerates security testing enabling dev, ops, and security teams to ship secure code faster with advanced detection accuracy.

  • 1 year ago Posted in

New Relic has announced the public preview of New Relic Interactive Application Security Testing (IAST). New Relic IAST goes beyond current approaches by providing visibility and context to security findings, advanced detection accuracy with near zero false positives and proof-of-exploit, as well as guided remediation. It enables engineers, DevOps, and security teams to focus on real security risks, remediate issues faster across the application lifecycle, and ship secure code with speed and confidence. Available with Data Plus and part of the New Relic all-in-one observability platform, the public preview comes with a free 30-day trial period to bring the power of observability and security to every engineer. 

  

“To help engineers future-proof applications and minimize security concerns, it's imperative that they reimagine the way they build and secure cloud-native applications,” said New Relic Chief Product Officer Manav Khurana. “Adopting a converged observability and security approach is a must in order to help engineers deliver optimized user experiences. Enabling engineers to transform their view of the health, performance, and security of their applications and infrastructure will provide them the ability to take real-time action to eliminate security risks earlier before it impacts their organization’s bottom line.”  

  

“More secure applications help protect customer’s personal data, enhance privacy, and reduce disruptions. In turn, this leads organizations to realize key competitive advantages like increased customer trust and loyalty, reduced financial losses, greater regulatory compliance, improved operational efficiency, and better risk mitigation—ultimately contributing to the long-term success and sustainability of their business,” said IDC Group Vice President Stephen Elliot. "Applying security testing during the application development and testing stages can ensure issues are caught well before they impact customers, while helping modernize the SDLC by providing customers with a more secure and highly reliable experience." 

  

The growth in DevOps has enabled teams to build and ship software faster than ever before—yet 85% of applications still contain vulnerabilities. With vulnerabilities and exposures expected to rise throughout this year to 1,900 per month, engineering and security teams must take a context-driven approach that accurately identifies, prioritizes, and verifies vulnerabilities with proof-of-exploit for faster remediation. And, current application security testing methods often rely on a reactive approach, which can result in increased costs, false positives, and missed release cycles.  

  

New Relic IAST can help software engineers and security teams solve for these issues by providing much needed visibility and rapid detection while nearly eliminating the false positives found in other application security testing methods. It leverages the New Relic patented deterministic technique to identify and provide automated vulnerability validation with proof-of-exploit, which reduces noise and enables more effective and faster remediation.  

  

Key features and benefits include:  

·       360 visibility: View the application stack and associated relationships with context-driven insights to reduce blind spots and validate remediation efforts. 

·       Reduce false positives: Advanced detection accuracy, risk-based prioritization, and automated vulnerability validation ensure teams focus on real security risks.   

·       Proof of exploit: Find, fix, and verify exploitable vulnerabilities with dynamic assessment capabilities that pinpoint the source of vulnerabilities by simulating real-world attacks.  

·       Accelerate remediation: Guided remediation, guardrails and status tracking help developers avoid critical mistakes across the software development lifecycle (SDLC). 

·       Scale at will: Easy deployment via existing APM agent and seamless integration with CI/CD pipelines and ticketing systems prevent disruption of existing processes and workflows.  

  

“Our team has historically relied on traditional, complex tools to identify security risks, causing us to spend a lot of time and resources to find and fix vulnerabilities before they could impact our business and our customers,” said Agustín Paroli, Head of IT Operations at D24. “New Relic IAST empowers our developers to code with confidence by automating work and providing a comprehensive view of security risks, including real-time feedback, accuracy, and context-aware security analysis—all in the context of our observability practice and without impeding the development process. This enables our team to prioritize security and observability, helping them identify risks earlier in the development lifecycle and deliver a better experience for our customers.” 

NTT DATA research shows organizations shifting from experiments to investments that drive...
Architectural challenges are holding UK organisations back - with just 24% citing having sufficient...
Skillsoft has released its 2024 IT Skills and Salary Report. Based on insights from more than 5,100...
Talent and training partner, mthree, which supports major global tech, banking, and business...
Whilst overall AI patent filings have slowed, green AI patent publications grew 35% in 2023.
Tech leaders are divided on whether AI investments should boost productivity, revenue, or worker...
Whilst overall AI patent filings have slowed, green AI patent publications grew 35% in 2023.
Manages security for both users and providers of AI services, overseeing authentication and zero...