DEVOPSdigest

ShiftLeft released ShiftLeft Illuminate, a new solution that leverages ShiftLeft technology to identify insider attacks, offer remediation advice and reduce overall risk to organizations’ software code base.

While cyberattacks on the CI/CD pipeline have been theoretical for some time, high-profile breaches over the past year have underscored a clear and urgent need for attention to this area. ShiftLeft Illuminate will help organizations eliminate insider threats within this vulnerable phase of the development pipeline.

According to Verizon’s 2020 Data Breach Investigations Report, “inside actors” are responsible for nearly one-third of data breaches. Many of these insiders have touchpoints with source code, including privileged IT administrators, disgruntled former employees and managerial employees with administrative privileges who can commit code without review. Organizations should also consider the threat from business partners with access to code repositories and nation-state actors weaponizing weaknesses of these parties.

“Recent cyberattacks have highlighted the importance of securing the software supply chain and ensuring that the software shipped is the same as the software developed,” said Manish Gupta, CEO, ShiftLeft. “Identifying such ‘insider attacks’ goes beyond taint-based vulnerability analysis. ShiftLeft's Illuminate helps customers insert insider attack detection in the software supply chain to establish non-repudiation of the software shipped at every stage.”

ShiftLeft Illuminate performs an architecture review to identify the most likely areas for an insider attack. It then creates a Code Property Graph (CPG) fingerprint of the relevant codebase and identifies sources, sinks and transforms to reduce exposure. Running algorithms on the CPG, Illuminate identifies insider attacks and business logic flaws, as well as potentially exploitable areas for insider attack, providing recommendations for reducing future risk. Using Illuminate, organizations can accurately determine if an insider attack has occurred in their source code, helping them to know what and where to monitor within their unique application architecture moving forward.

“Cybersecurity poses a difficult challenge to supply chains, as an organization may be affected by an attack on any other link in the chain,” said Chetan Conikee, CTO, ShiftLeft. “In general, individual nodes in a supply chain (horizontally across SaaS vendors and vertically across the OSS stack) bear the entire cost of their own cybersecurity investments, but some of the benefits of the investments may be enjoyed by the other nodes as well.”

Organizations using ShiftLeft Illuminate are armed with Summary Reports for executive and senior level management, as well as Technical Reports of insider attacks, remediation advice and strategic guidance for longer-term improvement. Illuminate also provides Summary Reports for customers, demonstrating a comprehensive security assessment of the organization’s software development pipeline to eliminate the blind spot around the risk of software consumption that exists today.