Enterprise application programming security startup Noname Security today announced the general availability of its Active Testing V2 service designed to help organizations “leave no API untested.”

Active Testing is said to be an easy-to-use, advanced and complete application programming interface security testing solution. The new version has been designed to help industry leaders to further “shift left” to stop vulnerabilities from reaching production, innovate faster and ensure compliance with evolving regulatory requirements. Shift Left is a practice in the software development world that involves introducing tasks such as testing and quality assurance early in the life cycle of a project.

Noname Security argues that most APIs aren’t tested for security before being sent to production as traditional testing tools, and methods aren’t designed to test the security of APIs, leaving them vulnerable. The issues include tools often not understanding the complex business logic of APIs, meaning they don’t recognize many APIs.

Active Testing V2 is designed to address these challenges. The service allows every API to be tested, offers integration into the entire software development lifecycle and provides best-in-class usability to empower developers, according to the company. The service adds API security into the application development process, such as continuous integration/continuous deployment and dynamic or static API specification analysis.

“Testing the security of APIs in development makes good financial sense,” said Shay Levi, Noname’s co-founder and chief technology officer. “Fixing issues earlier in an API’s lifecycle can reduce remediation costs by 10 to 100 times.

Levi added that with rising costs of rewriting code, regulatory fines, delays to new products, brand impacts and the drops in shareholder value after breaches, it’s vital that companies actively address API security in development.

Noname Security was last in the news in March, releasing several new capabilities across its API security platform. The release included discovery, posture management, runtime protection, pre-production testing and deployment.

Karl Mattson, Noname’s chief information security officer, spoke with theCUBE, SiliconANGLE Media Inc.’s livestreaming studio, in July when he discussed how, as security teams feel the added pressure to deliver in obscure cloud-native environments, capabilities around security need to conform accordingly:

Image: Noname Security