Astrix Security is proud to announce it was mentioned as a representative vendor in a recent Gartner report Quick Answer: Cloud, Kubernetes, SaaS — What’s the Best Security Posture Management for Your Cloud?, and as a tool that addresses the need to secure access to machines and environments in the DevOps pipeline in Gartner’s report How to Select DevSecOps Tools for Secure Software Delivery.
In the report How to Select DevSecOps Tools for Secure Software Delivery, Astrix is mentioned as a tool that addresses the need to secure access to machines and environments in the DevOps pipeline.
In the report, Gartner analysts mention that “Software supply chain attacks have added a new dimension to software security problems because the software delivery pipelines and the tools used to build and deploy software are the new attack vectors.”
While the software supply chain has been a huge catalyst for vulnerabilities, and consequently attacks, there is a new type of supply chain attacks that has proliferated in the past year – taking advantage of the third-party tools and services that are connected to these development environments. These are service supply chain attacks, in which attackers take advantage of access granted to third-party cloud services as a backdoor into the companies’ most sensitive core systems.
Astrix helps engineering teams secure these non-human (machine) access to development core systems like GitHub and BigQuery, by providing a consolidated and comprehensive view of all the internal and third-party integrations to engineering environments (repositories, workflows, and configurations). Additionally, Astrix automatically identifies malicious third-party connections, anomalous behavior (like suspicious source IPs), overly permissive connections, redundant applications, and insecure tokens.
Read our full article to learn more on how Astrix helps DevSecOps leaders secure their development environment from service supply chain attacks.
In the report Quick Answer: Cloud, Kubernetes, SaaS — What’s the Best Security Posture Management for Your Cloud? Astrix Security is mentioned as a representative vendor in the SSPM category.
In the report, Gartner analysts mention that “Managing the posture of cloud environments is increasingly important, but there is a bewildering array of security posture management approaches. Security and risk management leaders need to select the right approach to realize the benefits of these tools.”
When it comes to SSPM (SaaS security posture management) solutions, Gartner analysts mention that “SaaS protection remains segregated from IaaS and PaaS, and is covered by a separate family of SSPM products”. In our opinion, while this is predominantly true in the SSPM market, the Astrix platform aims to be an exception by providing customers with a complete security solution for non-human access to cloud-based core systems, securing their app-to-app connections across SaaS, IaaS and PaaS environments – from Salesforce, GitHub and Office365 to Workato, Zapier and BigQuery.
Read our full article to learn more about the SSPM market and how Astrix addresses the SSPM use case and beyond.
GARTNER is a registered trademark and service mark of Gartner, Inc. and/or its affiliates in the U.S. and internationally and is used herein with permission. All rights reserved.
Gartner does not endorse any vendor, product or service depicted in its research publications and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s Research & Advisory organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.