December 2023

Aptori now includes out-of-the-box integration with industry-leading application security scanners for Software Composition Analysis (SCA), Dependency Checks, Secrets Detection, Container Scanning, and Static Application Security Testing, in addition to our proprietary scanners for run-time API & Application Security Testing. With these integrations, Aptori can document and track every identified vulnerability, streamlining the process of evaluating the risk associated with the developed software. This enhancement facilitates more rapid prioritization and resolution of critical issues.

Static Code Analysis (SAST)

Analyzes your source code for potential security threats prior to merging code.

Surface Monitoring (DAST)

Conducts dynamic simulations of attacks on your web app's front-end to identify vulnerabilities.

Open Source Dependency Scanning

Continuously scans your code for known vulnerabilities, CVEs, and various other security risks

Secrets Detection

Checks your code to detect any exposed or leaked API keys, passwords, certificates, encryption keys, and more

Container Scanning

Examines your container's operating system for packages that have security vulnerabilities

‍

Aptori's Sift, an API security testing tool, can autonomously generate and execute test cases to confirm the effectiveness of an authorization policy. Sift ensures comprehensive testing of all possible scenarios involving creators, actors, actions, and entities, handling anything from 10 to thousands of test cases, all completed swiftly within seconds.

Moreover, authorization policies can now be conveniently defined using straightforward tables (no code) or a few lines of YAML code (low code). This allows Sift to automatically create test cases for hundreds of access scenarios, thoroughly validating each aspect of an authorization policy. This comprehensive validation ensures that Broken Object Level Authorization (BOLA) issues become a concern of the past.