In this episode of AppSec Decoded, we discuss the role Seeker IAST plays in DevSecOps and how it can strengthen your API security strategy.
We have seen a shift in modern software development from monolith to cloud-based applications. This shift has enabled organizations to build and deploy their applications faster and more cost-effectively across their software development life cycle (SDLC).
But the ability to scale development at the speed your organization demands comes at a price. Technologies such as microservices, serverless functions, and APIs make it difficult for organizations to identify all the endpoint calls in their systems. And with a lack of common standards for APIs, these factors collectively create a wider attack surface for hackers.
An interactive application security testing (IAST) tool such as Seeker® can help organizations continuously detect, auto verify, and alert of critical findings in running web applications without disrupting workflows for development, DevOps, and QA teams. Seeker can also strengthen API security by discovering and creating an inventory of all APIs and inbound and outbound endpoints.
In this episode of AppSec Decoded, Kimm Yeo, security solutions manager, and Taylor Armerding, security advocate, both at Synopsys, discuss the importance of a holistic AppSec approach and the role an IAST solution like Seeker plays in DevSecOps.