UPDATED 14:18 EDT / NOVEMBER 20 2024

Microsoft integrates source-code analysis into its cloud security suite

Endor Labs Inc. says Microsoft Corp. has natively integrated its software composition analysis technology into its Microsoft Defender for Cloud cloud-native application protection platform.

That means security teams can consolidate their application security and cloud security programs into a single platform and unified dashboard that spans all stages of the software development and deployment cycle.

SCA is a process used to identify and manage open-source components and dependencies within software applications. It focuses on analyzing the software’s codebase to detect the use of third-party libraries, frameworks and open-source components. CNAPP protects cloud-native applications by addressing their unique characteristics such as software containers, the Kubernetes container orchestrator, serverless functions and microservices.

Endor Labs said Tuesday that the native integration enables teams to correlate SCA findings with runtime alerts to view code-to-runtime attack paths. That means they can trace exploitable vulnerabilities found in open-source software dependencies to potential exploit paths in their cloud environments. This allows for more targeted remediation.

Tracing vulnerabilities from code to runtime can also reveal hard-to-find issues such as a reachable vulnerability in an open-source package that is used on an internet-reachable cloud workload. Defender for Cloud users can see a full attack path, from code committed to runtime workloads in the cloud.

Although only 9.5% of vulnerabilities are exploitable within a given application context, according to Endor Labs research, it can be tricky for teams to identify critical ones. Risks often aren’t fully documented, with only 2% of public advisories containing information about which library functions are at risk, the company reported.

With Defender for Cloud integration, security teams can get function-level reachability analysis for each vulnerability they find and see if function-level reachable vulnerabilities are in running applications. A “reachable” finding indicates there’s an attack path from the developer’s code through open-source dependencies to a vulnerable library or function.
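The "reachable" definition above and the internet-reachable workload case can be illustrated as a call-graph search joined to a runtime inventory. This is an added example, not Endor Labs or Microsoft code; the call graph, finding IDs, workload names and priority labels are all constructed assumptions.

```python
from collections import deque

# Constructed call graph (caller -> callees); every name is hypothetical.
CALL_GRAPH = {
    "app.main": ["app.handle_upload", "app.render_report"],
    "app.nightly_job": ["libarchive.extract"],
    "app.handle_upload": ["libarchive.extract"],
    "app.render_report": ["libtemplate.render"],
    "libarchive.extract": ["libarchive._resolve_path"],
    "libtemplate.render": ["libtemplate.escape"],
    "libtemplate.unsafe_eval": [],  # shipped in the package, never called
}
# Constructed SCA findings: finding id -> vulnerable library function.
ADVISORIES = {"FINDING-A": "libarchive._resolve_path",
              "FINDING-B": "libtemplate.unsafe_eval"}
# Constructed runtime inventory: workload -> entry point and exposure.
WORKLOADS = {"upload-api": {"entry": "app.main", "internet_exposed": True},
             "batch-report": {"entry": "app.nightly_job", "internet_exposed": False}}

def call_path(graph, entry, target):
    """Breadth-first search: shortest call path entry -> target, or None."""
    parent, queue = {entry: None}, deque([entry])
    while queue:
        fn = queue.popleft()
        if fn == target:
            path = []
            while fn is not None:
                path.append(fn)
                fn = parent[fn]
            return path[::-1]
        for callee in graph.get(fn, []):
            if callee not in parent:
                parent[callee] = fn
                queue.append(callee)
    return None

def triage(graph, advisories, workloads):
    """Join code reachability with runtime exposure (assumed priority scheme)."""
    rank = {"critical": 0, "medium": 1, "low": 2}
    rows = []
    for finding, vuln_fn in advisories.items():
        for name, wl in workloads.items():
            path = call_path(graph, wl["entry"], vuln_fn)
            if path is None:
                priority = "low"        # dependency present, function unreachable
            elif wl["internet_exposed"]:
                priority = "critical"   # reachable on an internet-facing workload
            else:
                priority = "medium"     # reachable, but workload is internal
            rows.append((finding, name, priority, path))
    return sorted(rows, key=lambda r: rank[r[2]])

if __name__ == "__main__":
    for row in triage(CALL_GRAPH, ADVISORIES, WORKLOADS):
        print(row)
```

FINDING-B shows why package-level matching overstates risk: the vulnerable function ships with the dependency but no call path from the application reaches it.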

Defender for Cloud integration is currently in public preview and will be available in the Azure Marketplace.

Image: A. Solano/Freepik
