UPDATED 09:00 EST / MARCH 14 2023

SECURITY

New ReversingLabs features improve authentication credentials detection coverage

Software supply chain security startup ReversingLabs Inc. today unveiled new secrets detection features within its Software Supply Chain Security platform.

The new features improve secrets detection coverage by providing teams with the context and transparency needed to prioritize developers’ remediation efforts. Doing so reduces manual triage fatigue and improves security controls for preventing leakage.

ReversingLabs’ platform addresses the issue wherein complex software includes components that rely on digital authentication credentials — secrets — in tools such as login credentials, application programming interface tokens and encryption keys. Secrets are critical for the software to function but managing secrets across every component of code, software development life cycle or continuous integration and delivery or CI/CD stages is a challenge that can result in secrets being left exposed.

Potential secret exposure can stem from using plain text, weak cryptography, build scripts including directories with secrets configuration files, CI/CD or packaging automation mistakes and inclusion by compromised developer accounts or malicious insiders. That’s where ReversingLabs steps in.

The ReversingLabs Software Supply Chain Security solution can identify more than 250 secret types out of the box, including private keys, version control, certificates, tokens and more. Once identified, the platform’s detection capabilities allow teams to view discovered secrets for immediate true positive confirmation, determine their precise location, which services are affected and if those secrets are exposed or leaked elsewhere. The solution prioritizes all remediation efforts by suppressing third-party, open-source testing keys and other commonly shared secrets while reducing the fatigue that results from manual triage.

“These new capabilities underscore ReversingLabs commitment to address growing software supply chain complexity and increasingly sophisticated threats,” Mario Vuksan, co-founder and chief executive of ReversingLabs, said in a statement shared with SiliconANGLE. “Our comprehensive solution enables teams to securely control the release of software via the detection of software supply chain threats, malware, malicious behaviors, tampering and secrets exposures.

“Supply chain risks demand evolved application security capabilities that confront the full spectrum of challenges introduced by third-party components, commercial software, and binary misconfigurations beyond open-source libraries,” Vuksan added. “Our SSCS platform goes beyond existing solutions that only provide open-source licensing compliance and vulnerability detection or analyze source code quality for vulnerabilities to fill in the gaps they leave behind.”

ReversingLabs is a venture capital-backed company, having raised $81 million, according to Crunchbase, including a round of $25 million in 2017. Investors include Crosspoint Capital Partners LP, Prelude Fund Services LLC, Forgepoint Capital Management LLC and JPMorgan Chase & Co.

Image: ReversingLabs

A message from John Furrier, co-founder of SiliconANGLE:

Your vote of support is important to us and it helps us keep the content FREE.

One click below supports our mission to provide free, deep, and relevant content.  

Join our community on YouTube

Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.

“TheCUBE is an important partner to the industry. You guys really are a part of our events and we really appreciate you coming and I know people appreciate the content you create as well” – Andy Jassy

THANK YOU