ShiftLeft is offering you a free data leakage assessment of your application(s). The analysis combines understanding of development and production environments to determine how critical data flows across microservices, 3rd party libraries and open source software (OSS) components that is both comprehensive and precise.
Common data leakage scenarios we have seen in our customer engagements:
• Unexpected decryption as data flows between microservices
• Unexpected deserialized data submitted to OSS libraries
• PII (Personally Identifiable Information) submitted to a logging system
• Credentials hard-coded in the application and leaked
• Discovery and classification of sensitive data
• Critical data flows, including entry and exit points to identify issues
• Discovery of known and unknown vulnerabilities
• GDPR compliance readiness
ShiftLeft’s proprietary Semantic Property Graph (SPG) is a graph of graphs (Abstract Syntax Graph, Control Flow Graph, etc.) that identifies how data flows within an application and across microservices. The SPG analyzes JAR files to identify potential leakages. Potential leakages are communicated to ShiftLeft’s runtime microagent as part of a broader security profile. The microagent is deployed in production to determine the runtime behavior. By combining the SPG analysis with production analytics, ShiftLeft can accurately map data paths and identify data leaks.
• Kickoff call to discuss goals and schedules
• Technical installation call to deploy ShiftLeft
• Call to discuss results with a senior member of the security team