Unlocking a New Era in Application Security with OX Security’s Attack Path Reachability Analysis
Proactive application security is not only essential; it’s needed urgently. One need look no farther than the staggering 742% growth in software supply chain attacks between 2019 and 2022 to understand that traditional application security (AppSec) solutions are not working. The core drivers behind this explosive growth in malicious activity are no mystery. On the […]
Press Release: OX Security Named Winner of the Coveted Global InfoSec Awards during RSA Conference 2024
OX Security Wins Most Innovative Application Security In 12th Annual Global InfoSec Awards at #RSAC 2024. OX Security is thrilled to announce that the company has been honored with the “Most Innovative Application Security” award by Cyber Defense Magazine (CDM), an industry-leading information security publication. The recognition was unveiled during the RSA Conference 2024, […]
Understanding the Link Between API Exposure and Vulnerability Risks
In a digital+ world, there is no escaping “vulnerabilities.” As software development grows more complex and APIs become more central to new software architectures, vulnerabilities can stem from various sources, whether it’s an issue within open-source components or a mistake made by one of your developers. The critical question we need to address is: what […]
Say Goodbye to Manual AppSec Overhead: Unleashing the Power of OX’s Automated No-Code Workflows
Last month, we unveiled our Active ASPM Platform which includes our newest feature, no-code automation workflows. OX has established itself as a frontrunner in automating the discovery, analysis, and prioritization of security risks throughout the entire software supply chain, earning recognition as a Gartner Cool Vendor in platform engineering for scaling application security practices. With […]
Betting on a New Approach with Active ASPM
Streamlining Application Security at 888 Holdings with OX Security. In betting and gaming, application security (AppSec) is critical in protecting the integrity and reliability of digital services. 888 Holdings, a global frontrunner in the industry, recognized the need for a proactive AppSec program to safeguard its operations across 15 countries and its workforce of over […]
Key Considerations for Selecting an SBOM Tool
With security integrated into development, selecting the right Software Bill of Materials (SBOM) generation tool for your organization is crucial not only for compliance but also as a fundamental component of cybersecurity and operational integrity. With the increasing integration of open-source and third-party components in applications, the transparency and security that an effective SBOM tool […]
SBOM: The Ingredients Label for Cybersecurity
Until the 60s, most Americans prepared most of their meals at home. The appetite for pre-packaged food rose in that decade, and the shift in consumer demand resulted in public demand for more detailed product information for nutritional and food safety reasons. This resulted in the USDA mandating that a list of ingredients be placed […]
Streamlining DevOps: How to Integrate OX with GitLab for Enhanced Security
We’re thrilled to announce that the OX Active ASPM platform is now fully integrated with GitLab. With this integration, users no longer have to choose between rapid deployment and security in their software development. GitLab’s comprehensive web-based platform, known for its source control, issue tracking, and CI/CD capabilities, now enhances its offering with OX’s automated […]
Securing the Cloud-Native Landscape: Embracing Active ASPM for Compliance
In an era where digital transformation is ubiquitous and cloud-native applications drive more and more enterprise workloads, organizations must navigate a landscape fraught with threats targeting these applications, specifically the data they process and contain. The growing complexity of applications and the expanding attack surface necessitate that development and security teams adopt a comprehensive […]
Agility Meets Security: Kaltura’s Journey to Streamlined Development with OX Security
Discover how Kaltura strengthened its software supply chain and transformed its approach to application security with OX’s Active ASPM. Pioneering video technology, Kaltura needed to strengthen its software supply chain and redefine its strategy for application security. Confronting obstacles in achieving agile innovation by balancing the speed and security of software releases, Kaltura needed a […]
Press Release: OX Security Unveils the First Active Application Security Posture Management Platform to Eliminate Manual Practices
Boston, MA and Tel Aviv, Israel – January 31, 2024 – OX Security, the pioneer in scaling application security (AppSec) practices and a founding member of the Open Software Supply Chain Attack Reference (OSC&R) framework, announced the next iteration of their solution with the first ever Active ASPM Platform. Incorporating active analysis in an ASPM […]
Three ways to manage cybersecurity tool sprawl in your software supply chain
Sprawl happens. Software development organizations evolve. Teams grow. The number of projects increases. Tech stacks change. Technology and management decisions have become more decentralized. Throughout this evolution, the organization’s AppSec tool portfolio also grows. In dynamic organizations, this can lead to “tool sprawl.” A sprawling AppSec tool portfolio includes many point solutions, acquired by different […]
Protect Your Software Supply Chain with OX Security’s Latest Integration with Bitbucket Cloud
Discover the power of OX Security through our native integration with Atlassian Bitbucket CloudApp, designed to seamlessly integrate vulnerability scans into your software projects. Our scans go beyond the surface, delving into secrets, SAST issues, SCA, Open Source dependency concerns, IaC issues, and more. How It Works: Configurable to meet your specific needs, scans can […]
Elevating Software Supply Chain Security with OSC&R
Five ways the OSC&R framework helps CISOs and AppSec leaders verify their software supply chain security. Software supply chains are lucrative attack targets. Software supply chains are very lucrative cybersecurity attack targets. As SolarWinds, CircleCI, and Progress Software attacks have shown, breaching one system–a commercial SaaS application–provides attackers access to the many customers of […]
Automating your way out of an AppSec staffing shortage
If you’re like most companies, you might be struggling to hire and retain skilled application security staff. According to a 2023 study by the Information Systems Security Association (ISSA), 71% of companies feel they are negatively impacted by a shortage of skilled cybersecurity professionals. The study also showed that over half the respondents felt that […]
DevSecOps Dashboard – Build vs. Buy?
3 things to consider before you develop a custom risk dashboard for your software supply chain. TL;DR – BUY. Seriously though. If you’re contemplating a build vs. buy decision, buying gets you a working DevSecOps dashboard sooner and usually at lower cost than building something in house. And whether you build or buy a dashboard […]