Fitting the Parts Together
To support the security of the software supply chain, the technology components need to work together.CyberRes has a portfolio of products that are tightly integrated and address the different facets of supply-chain security:
- Fortify—A set of tools for securing custom, open source and third party software using SAST and DAST for secret scanning to detect hard coded supply chain credentials, protect the pipeline with CI/CD as code, identifying 3rd party client side JS in web apps and more.
- Debricked—This machine learning-powered tool helps development teams use open source in a smart, efficient and secure way. Through automation and clever, customizable policy setups Debricked helps your organization take a proactive, rather than reactive, approach to open source vulnerabilities, license compliance and project health.
- NetIQ—The NetIQ Risk Service protects against high-risk authentication and application access requests by initiating strong or multi-factor authentication when risk scores indicate that a higher level of identity verification is needed. This can be an added layer of defense.
- Voltage—Discovers, analyzes, and secures sensitive data across hybrid multi-cloud IT, protects data privacy, and helps businesses satisfy compliance requirements
- ArcSight—AI powered Security Information and Event Management (SIEM) platform that accelerates effective detection and response to known and unknown threats.
- Security analytics, AI & ML—Automation is critical to be able to keep up with attackers, so CyberRes has incorporated machine automation and learning technologies into its products. ArcSight Intelligence, for example, identifies and prioritizes anomalies through user entity and behavior analytics UEBA) that may uncover threats, such as data exfiltration and attacks on DevOps accounts.