Existing security tools used during the Software Development Life Cycle (SDLC) do not completely cover the security needs of applications. They focus only on security bugs, which represent only 50% of risks, leaving applications potentially insecure. This poses important security risks to any application because in many cases its security depends completely on developers, who are forced to protect and verify applications manually.
The problem is even greater for developers who are doing agile application development and need to adhere to continuous integration and DevOps workflows. They need to meet strict application development deadlines using technologies that don’t protect applications by default, and in many cases they are not even aware of the main risks. Even those who are aware face a huge manual task to avoid them, so this manual approach is no longer viable.
Security solutions designed to protect applications within the production environment, such as WAFs, try to protect against design flaws, but because of their external approach they need to understand the context of applications through complex and costly learning processes.
In addition to detection and protection from security bugs, the Hdiv approach allows protection from design flaws proactively without the need to learn applications. Hdiv protects applications from the beginning, during application development, to solve the root causes of risks, and continuing after the applications are released.
The combination of the different techniques provides Hdiv technology with a much higher protection capability than any other solution currently available on the market, raising the protection level significantly in comparison with the current most advanced technologies in web application security.
Hdiv accelerates time to market for self-protected applications. Because it is built into the development environment, it only has to be applied once and then it automatically generates self-protected applications. This saves time for developers. Security teams can ensure that new applications are released quickly without the risk of introducing vulnerabilities and without the training periods needed to understand apps.
We are the first complete solution covering security bugs and design flaws from the SDLC
Hdiv detects security bugs in source code before they are exploited, using a runtime data flow technique to report the file and line number of the vulnerability. Developers receive reports immediately during the development process, either within the web browser or within a centralized web console.
Additionally, Hdiv detects third-party software with known vulnerabilities, reporting details of the specific CVE(s) associated with that library.
This feature only requires installation of an agent within the application server without any change in your applications.
Hdiv enables applications to protect themselves during runtime. By building protection in during development, Hdiv protects applications from the inside, keeping them secure wherever they go. This makes Hdiv invaluable for applications used in the cloud or within third-party deployment environments.
Hdiv protects applications from security bugs as well as design flaws, repelling 90% of security risks included in the OWASP Top 10. In addition to protection features, Hdiv monitors all malicious activity, reporting detected attacks and vulnerabilities within the production environment.
Installation of this feature requires the inclusion of Hdiv libraries within the application, without changing the application source code.
The verification of security bugs can be automated using tools; however, the detection of design flaws requires manual review of the whole application.
Hdiv heralds a new era of application security where the pentester's workload can be greatly reduced (by between 70% and 80%), making collaboration possible between the application and auditing tools (e.g. Burp). The Hdiv verification component is included in the protection features installation and does not require any additional step.