Data Theorem Provides Security Notifications for Modern Cloud Applications Running on AWS Security Hub

March 31, 2022 Off By David

Data Theorem, Inc. announced it is running on Amazon Web Services (AWS) Security Hub to provide better security alert consolidation from its cloud-native application protection platform (CNAPP). This work helps AWS customers gain even better insight from AWS Security Hub to see API, cloud, and web application exposures found by Data Theorem’s Analyzer Engine. The primary benefit is to give AWS customers unified alerts in order to respond quickly to potential data breaches.

AWS Security Hub is a cloud security posture management service that performs security best practice checks, aggregates alerts, and enables automated remediation. It is designed to provide users with a comprehensive view of their high-priority security alerts and compliance status, organizing and prioritizing alerts and findings from multiple AWS services, such as Amazon GuardDuty, Amazon Inspector, and Amazon Macie, as well as other security solutions from the AWS Partner Network (APN), such as Data Theorem’s Analyzer Engine. The findings are then visually summarized on integrated dashboards with actionable graphs and tables.

“Preventing application-layer data breaches and ensuring DevSecOps teams have timely notifications helps improve our efforts in the security industry,” said Chitra Elango, Senior Director of DevSecOps at Fannie Mae. “AWS Security Hub and Data Theorem continue to drive innovation to help all DevSecOps teams gain more actionable insights.”

Protecting APIs, cloud, and web applications is critical for today’s modern organizations. By natively running Data Theorem’s alerts in AWS Security Hub, customers will get real-time visibility into their up-to-date cloud application security and compliance posture directly from the console. These insights gained by the correlation of Data Theorem’s information with other data in AWS Security Hub allow customers to more quickly detect risks and potential breaches and take remediation actions.

“AWS Security Hub gives organizations the ability to build security and compliance visibility directly into all of their development and modern cloud projects,” said Doug Dooley, Chief Operations Officer at Data Theorem. “By offering Data Theorem within AWS Security Hub, IT teams and developers can more easily leverage up-to-date insights about security risks and uncover new attack vectors in cloud-native applications and APIs, helping to prevent data breaches. Data Theorem’s dynamic and run-time analysis with offensive attack surface management and active protection with observability enables organizations to conduct continuous, automated security inspection, application telemetry collection, and run-time protection of their most important AWS cloud-native applications.”

Cloud Secure is the industry’s first solution delivering attack surface management (ASM) security for cloud-native applications that starts at the client layer (mobile and web), protects the network layer (REST and GraphQL APIs), and extends down through the underlying infrastructure (cloud services). Its combination of attack surface management and run-time active protections enables both offensive and defensive security capabilities to best prevent data breaches of cloud-native applications and serverless cloud functions.

“AWS Security Hub makes it easier for our customers to identify and manage all of their AWS-related security and compliance findings,” said Ely Kahn, Head of Product, AWS Security Hub. “Customers can also combine these rich findings with additional data from multiple security services, including Data Theorem’s API Secure, Cloud Secure, and Web Secure products, to find further insights and actionable intelligence for every identified vulnerability.”

Data Theorem’s API Secure, Cloud Secure, and Web Secure security alerts are now available within AWS Security Hub. For more information, see Setup trial https://www.datatheorem.com/trial/.

Data Theorem’s broad AppSec portfolio protects organizations from data breaches with application security testing and protection for modern web frameworks, API-driven microservices and cloud resources. Its solutions are powered by its award-winning Analyzer Engine, which leverages a new type of dynamic and run-time analysis that is fully integrated into the CI/CD process, and enables organizations to conduct continuous, automated security inspection and remediation.