Oracle Stock Surges After Hours on TikTok Deal Optimism and OpenAI Fundraising Buzz 
Dina Powell McCormick Resigns From Meta Board After Eight Months, May Take Advisory Role 
TikTok U.S. Deal Advances as ByteDance Signs Binding Joint Venture Agreement 
LG Energy Solution Shares Slide After Ford Cancels EV Battery Supply Deal 
Boeing Seeks FAA Emissions Waiver to Continue 777F Freighter Sales Amid Strong Cargo Demand 
Elliott Management Takes $1 Billion Stake in Lululemon, Pushes for Leadership Change 
OpenAI Explores Massive Funding Round at $750 Billion Valuation 
Instacart Stock Drops After FTC Probes AI-Based Price Discrimination Claims 
Trump Signals Push for Lower Health Insurance Prices as ACA Premium Concerns Grow 
Nike Shares Slide as Margins Fall Again Amid China Slump and Costly Turnaround 
FDA Fast-Tracks Approval of Altria’s on! PLUS Nicotine Pouches Under New Pilot Program 
Citi Appoints Ryan Ellis as Head of Markets Sales for Australia and New Zealand 
Union-Aligned Investors Question Amazon, Walmart and Alphabet on Trump Immigration Policies 
ANZ New CEO Forgoes Bonus After Shareholders Reject Executive Pay Report 
Oracle Stock Slides After Blue Owl Exit Report, Company Says Michigan Data Center Talks Remain on Track 
Micron Technology Forecasts Surge in Revenue and Earnings on AI-Driven Memory Demand 
7-Eleven CEO Joe DePinto to Retire After Two Decades at the Helm 
SAN FRANCISCO, Feb. 16, 2016 -- Hackers’ continued success in exploiting vulnerabilities in software, Web and mobile applications a decade after the application security testing (AST) market emerged shows there is still much to be done.
|
|||||
A photo accompanying this announcement is available at http://www.globenewswire.com/NewsRoom/AttachmentNg/6a8d8c67-8011-4dbb-b605-56ece61f5113
One group of world-class cyber sleuths at ®buguroo may have the answer— a new generation of appsec tools that can rise to the challenge of cross-platform attacks and the massive scale required to thoroughly test today’s mega-apps.
Today, buguroo — a U.S. startup coming out of Deloitte’s European Security Operations Center (SOC) — is launching bugBlast, a next-generation appsec management platform that unifies many types of vulnerability testing tools with real-time intelligence. Capable of creating a single, holistic view of an application’s security as it executes in its actual infrastructure, cloud-based bugBlast can scale to test mega-apps in their entirety. By correlating multiple results from static, dynamic and infrastructure testing with real-time threat intel at this scale, buguroo is re-defining the market for interactive AST.
As part of its appsec platform, the company is also announcing bugScout, a static application security testing (SAST) tool that significantly advances the state of the art. Designed from the ground up as a cloud app, bugScout eliminates one of the main limitations facing classic SAST architectures — the ability to completely model extremely large apps in memory.
“To hackers, a vulnerability is a vulnerability, wherever they find it, but until now, technology limitations forced application testing piece by piece,” said Pablo de la Riva Ferrezuelo, CTO and founder of buguroo. “The technology advances in bugBlast and bugScout level the playing field by enabling testers to use many different tools together and test everything at once across the entire application and platform, which is just how the hackers attack.”
buguroo's application security testing platform, bugBlast, breaks new ground in many ways:
- Designed by ethical hackers and cybersecurity auditors, the platform automates their own best practices and provides a single tool for managing the entire appsec process
- Unifies multiple scanning engines and intelligence feeds into one comprehensive management and testing platform for all team members
- Correlates all results in a single model to find more vulnerabilities and facilitate efficient correction
- Provides a common environment for auditors and developers, based on a highly visual dashboard that enhances cross-team communications, efficiency and coding security
- Scales to model and analyze very large applications at very high speeds, overcoming architectural limitations of testing solutions derived from first-generation classic AST
- Integrates proprietary intelligence tools for real-time discovery of and alerts on new vulnerabilities specifically relevant to the application and infrastructure
- Enables continuous testing and re-testing throughout the development and software maintenance lifecycle
- Supports multiple open source and proprietary vulnerability lists, including CWE, OWASP and SANS and more as well as buguroo’s and its customers’ own intelligence
- Easy start up with no onsite equipment required delivers a rapid time to value
bugBlast has many other capabilities that you would expect to see in a state-of-the-art security management platform such as a flexible policy manager, algorithms and experiential learning to continually reduce false positives, integration with other ITSEC platforms like SIEM and WAF, a built-in ticketing system as well as hooks to integrate with other bug tracking and software lifecycle management solutions and a robust documentation and report generator.
The company's new bugScout SAST solution is designed to work within the bugBlast platform or as a standalone solution. It shares many of the industry-leading technologies in bugBlast, notably its capability to model very large application sets in their entirety and its fast proprietary engine that analyzes millions of lines of code in just a few minutes.
Other capabilities of bugScout include:
- Laser focus on riskiest languages, Java, PHP, .NET, and the application ecosystems for Android, provides robust vulnerability detection in the most widely used languages
- Lowest rate of false positives on the market, thanks to its adaptive learning technology and multiple configuration options
- Built-in software quality analyzer using the SonarQube open platform makes applications more efficient, reliable, and resilient at the same time they are made more secure and increases the productivity of developers
- Enables continuous testing and re-testing throughout the development and software maintenance lifecycle
- Supports multiple open source and proprietary vulnerability lists, including CWE, OWASP and SANS and more as well as buguroo’s and its customers’ own intelligence
- Easy start up with no onsite equipment required, delivers a rapid time to value
Although a startup in the U.S., buguroo is building on its five-year history in Europe and its proven technology and security operations experience. Originally, the company was a stand-alone unit in Deloitte Spain, and the buguroo team of ethical hackers and cybersecurity analysts worked alongside experts from Deloitte Spain to manage the Deloitte Security Operations Center (SOC) for Europe. In 2015, the 50-employee company was spun off as buguroo and closed a $3.34 million round of angel financing to expand its business internationally and accelerate development of its product roadmap.
Separately today, buguroo announced bugThreats, a comprehensive threat intelligence platform that makes enterprise security operations analysts more effective and has already proven its value at several large global infrastructures, and its bugFraud Defense next-generation online fraud detection solution that provides real-time protection of websites from hijacked sessions using man-in-the-browser or man-in-the-middle attacks.
buguroo also provides technical services from its highly qualified team of professional security auditors to help clients with malware analysis and remediation, forensics, impact analysis, Dark Web data recovery, botnet takedowns and other advanced techniques.
More information on the bugBlast next-generation appsec management platform and the bugScout static application security testing (SAST) tool is available online, or by emailing [email protected].
Deb Montner 203.226.9290 [email protected]
