Cloud environments and the applications running on them present an enormous attack surface that’s frequently exploited. Protecting runtime environments in the cloud is certainly a top concern for any CISO, but solutions that detect and mitigate vulnerabilities in the cloud also bring operational challenges, noise, and remediation obstacles that can hinder an effective and efficient security program. That’s why Legit Security, a market leader in ASPM (Application Security Posture Management), has teamed up with CrowdStrike and their cloud security offerings to solve these challenges.
When scanning your cloud assets for vulnerabilities, there are many hard challenges to overcome:
These challenges make cloud remediation in isolation less effective and holds back the pace of development innovation. The answer to overcoming these challenges is shifting security left to address vulnerabilities in the pre-production code, CI/CD pipeline and development environment. By using Legit’s code to cloud ASPM pipeline discovery and visibility capabilities, it’s possible to trace each cloud vulnerability back to the application’s pipeline and source code.
Runtime application security issues can manifest in multiple ways, such as through the application code, Infrastructure as Code (IaC), or CI configuration files. Pinpointing the exact origin of a vulnerability within the source code with all relevant context provides clarity and allows teams to harness deep understanding of the development environment to prioritize based on organizational risk and accelerate the remediation process. There are a few ways that this can be done:
By leveraging CrowdStrike's cloud expertise in tandem with Legit Security's deep understanding of the software development lifecycle (SDLC), you can trace an application vulnerability detected by CrowdStrike Falcon Cloud Security back to its point of origin with a comprehensive set of development context within the Legit Security ASPM solution.
For example, if Falcon's container scanning identifies a container vulnerability, it can be traced back to the originating source repository using the Legit platform. This not only reveals the repository owner but also determines if security measures are in place within that repository and pinpoints the necessary modifications to the build process to rectify the vulnerability from ever happening again. It’s also possible to create an automation rule in Legit that notifies the code owner via Slack or an equivalent ticketing system as soon as the vulnerability is detected by CrowdStrike scanners.
An additional use case for the Legit and CrowdStrike integration involves monitoring vulnerabilities from code to cloud. For instance, if the Legit Platform identifies a secret in the code, it can use context provided by CrowdStrike to trace it to its deployment location and initiate a remediation process. This process can be used to eliminate the secret from both running applications and the original source code.
Here are some Legit Security platform screenshots showing a container tracked from source to cloud:
And here is a CrowdStrike container vulnerability shown within the Legit Security Platform:
The collaboration between Legit and CrowdStrike offers customers an integrated solution encompassing both Application Security Posture Management (ASPM), which oversees every phase of the development pipeline, and CSPM, ensuring the cloud environments are optimally configured and safeguarded. Bridging our expertise, we enable organizations to seamlessly secure their environments from code to cloud. Collaborations like this are setting a new standard in cybersecurity, helping organizations safeguard every step of the SDLC, from development to deployment.
For more information about how Legit Security and Crowdstrike work together, download our Joint Solution Brief.
Ready to learn more? Schedule a product demo or check out the Legit Security Platform.