The Application Security Division of NTT Ltd., a world leader in application security, has unveiled The WhiteHat Vantage Platform to provide modern developers and security teams with end-to-end security coverage of web applications and APIs testing throughout the entire software development lifecycle (SLDC).
Built on top of a powerful and flexible cloud-based SaaS architecture, The WhiteHat Vantage Platform lays the foundation for enterprises to take a simplified approach to application security. By strategically layering three lightning-fast, purpose-built testing solutions at the most critical inflection points of the SDLC, developers and security teams can now focus on priority items. Additionally, the platform features a robust public API that unlocks seamless integrations with teams’ existing tools to streamline workflows, automate application security testing and deliver powerful insights by consolidating results from layered testing solutions.
“The WhiteHat Vantage Platform directly addresses the most important but often overlooked challenges facing security teams. Traditional application security solutions cater to application security teams, and therefore lack intelligent context and holistic implementations that benefit developers. Over time, this has put many organizations’ security programs in a reactive state that cannot keep up with the velocity of current development cycles,” said Craig Hinkley, chief executive officer at NTT Application Security. “As one of the industry’s pioneers, we felt that it was upon us to bring about an innovative and forward-thinking approach to application security testing once again, just as we did 20 years ago as WhiteHat Security.”
Alongside the announcement, NTT Application Security today also revealed Vantage Inspect powered by ShiftLeft, the first solution under The WhiteHat Vantage Platform. Designed to provide a familiar and intuitive experience, Vantage Inspect is a developer-focused solution that combines software composition analysis (SCA), static application security testing (SAST) and Infrastructure-as-Code technologies to give in-context security feedback directly within their native code repository. This direct line of communication allows developers to secure code early in development so critical vulnerabilities are not deployed into pre-production, while also educating developers on best practices for producing higher quality code.
Vantage Inspect powered by ShiftLeft gives enterprises a differentiated ability to:
Prioritize SCA findings by attackability. Vantage Inspect detects open-source software (OSS) vulnerabilities in applications and uses the power of the Code Property Graph (CPG) to determine if identified vulnerabilities would be exploitable in production. This gives developers the ability to prioritize library patching based not only on vulnerability criticality but also on the likelihood that an attacker will find and exploit a weakness.
Get up and running quickly with easy onboarding. Vantage Inspect links directly to a GitHub account so teams can get started immediately or use a single-line invocation in the command-line interface (CLI).
Let teams work within their native environments. Vantage Inspect is invocable through Azure Pipelines, Bamboo, Jenkins, CircleCI, Docker, GoCD, TeamCity, and Travis CI.
In the next phase of the platform launch, NTT Application Security will introduce organizations to Vantage’s patented, intelligence-directed dynamic application security testing (ID-DAST). This new technology unlocks the ability for DevOps teams to integrate functional and dynamic security testing at each step of the SDLC and prevent exploitable vulnerabilities from reaching production.
Those interested in learning about The WhiteHat Vantage Platform can find more information on NTT Application Security’s website.
NTT Application Security will demo The WhiteHat Vantage Platform at RSA 2022 in booth number 4525 in the North Hall, to be held February 7-10 in San Francisco, Calif.