{"id":3982,"date":"2024-06-11T16:18:34","date_gmt":"2024-06-11T21:18:34","guid":{"rendered":"https:\/\/www.darkreading.com\/application-security\/backslash-unveils-enterprise-grade-capabilities-to-its-reachability-based-appsec-platform"},"modified":"2024-06-11T16:18:34","modified_gmt":"2024-06-11T21:18:34","slug":"backslash-unveils-enterprise-grade-capabilities-to-its-reachability-based-appsec-platform","status":"publish","type":"post","link":"https:\/\/ddi.mohflo.net\/index.php\/2024\/06\/11\/backslash-unveils-enterprise-grade-capabilities-to-its-reachability-based-appsec-platform\/","title":{"rendered":"Backslash Unveils Enterprise-Grade Capabilities to its Reachability-Based AppSec Platform"},"content":{"rendered":"<div class=\"media_block\"><a href=\"https:\/\/i0.wp.com\/eu-images.contentstack.com\/v3\/assets\/blt6d90778a997de1cd\/blt850556f866500627\/654a5a8e05eb4d040a046894\/325351_DR23_Graphics_General_Large_Text_v1.png?ssl=1\"><img data-recalc-dims=\"1\" decoding=\"async\" src=\"https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/06\/backslash-unveils-enterprise-grade-capabilities-to-its-reachability-based-appsec-platform.png?w=640&#038;ssl=1\" class=\"media_thumbnail\"><\/a><\/div>\n<div><img data-recalc-dims=\"1\" decoding=\"async\" src=\"https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/06\/backslash-unveils-enterprise-grade-capabilities-to-its-reachability-based-appsec-platform.png?w=640&#038;ssl=1\" class=\"ff-og-image-inserted\"><\/div>\n<p class=\"ContentParagraph ContentParagraph_align_left\" data-testid=\"content-paragraph\"><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\"><span class=\"ContentText-BodyTextChunk ContentText-BodyTextChunk_bold\">PRESS RELEASE<\/span><\/span><\/p>\n<p class=\"ContentParagraph ContentParagraph_align_left\" data-testid=\"content-paragraph\"><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\"><span class=\"ContentText-BodyTextChunk ContentText-BodyTextChunk_bold\">TEL AVIV, Israel, June 06, 2024 (GLOBE NEWSWIRE) &#8212;<\/span><\/span><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\">&nbsp;<\/span><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\"><a class=\"ContentText-BodyTextChunk ContentText-BodyTextChunk_link\" target=\"_blank\" href=\"https:\/\/www.globenewswire.com\/Tracker?data=sZNCf4xCSxQfIttA9qxpcayrKvTv-l4OE-hafsTyVMR_bSxxKk_7L5q8xA3-25S-MNsPqCvQ1x-YvswpVrBLITJDtzbQl809IA7d1SM1FZY=\" rel=\"noopener\">Backslash Security<\/a><\/span><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\">, today unveiled expansive new platform capabilities. With a broad roster of new on-premises integrations, security team workflow integrations and automation features, CI\/CD integrations, and bolstered language support, Backslash now serves the full software development lifecycle and further supports the application security needs of large enterprises.<\/span><\/p>\n<p class=\"ContentParagraph ContentParagraph_align_left\" data-testid=\"content-paragraph\"><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\">\u201cThere are two core elements that make AppSec teams successful \u2013 one is cutting through the noise to prioritize truly reachable and exploitable vulnerabilities; the other is building confidence with our developers to trust that the risks we flag are real, and worth their effort to investigate and fix,\u201d said Shane Garoutte, Head of Security &amp; Compliance at Capital Rx. \u201cBackslash\u2019s focus on reachability analysis enables us to achieve both, and with the platform\u2019s expanded capabilities, we can also work seamlessly with DevOps to integrate security throughout the software development lifecycle.\u201d<\/span><\/p>\n<p class=\"ContentParagraph ContentParagraph_align_left\" data-testid=\"content-paragraph\"><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\">Backslash combines SCA, SAST, SBOM, VEX, and secrets detection to replace outdated legacy SAST and SCA tools with a single, enterprise-ready platform that uncovers the most critical risks through reachability analysis. Newly released enhancements to the Backslash platform include:<\/span><\/p>\n<p class=\"ContentParagraph ContentParagraph_align_left\" data-testid=\"content-paragraph\"><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\"><span class=\"ContentText-BodyTextChunk ContentText-BodyTextChunk_bold\">Extended support for large enterprise use cases:<\/span><\/span><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\">&nbsp;<\/span><\/p>\n<div data-component=\"basic-list\" class=\"BasicList BasicList_nestedLevel_0 BasicList_variant_unordered BasicList_limited\">\n<ul data-testid=\"basic-list-unordered\" class=\"BasicList-UnorderedList\">\n<li>\n<div class=\"BasicList-ListItem BasicList-ListItem_variant_unordered\" readability=\"7.5\"><span data-component=\"icon\" data-name=\"Circle\" class=\"BasicList-ListIcon BasicList-ListIcon_variant_unordered\"><\/span><\/p>\n<div class=\"BasicList-Item\" readability=\"10\">\n<p class=\"ContentParagraph ContentParagraph_align_left\" data-testid=\"content-paragraph\"><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\">Integrations with Github Enterprise On-Premise, Github Enterprise Server, Gitlab On-Premise and Bitbucket On-Premise enable seamless connection to enterprise on-premises codebases.<\/span><\/p>\n<\/div>\n<\/div>\n<\/li>\n<li>\n<div class=\"BasicList-ListItem BasicList-ListItem_variant_unordered\" readability=\"9\"><span data-component=\"icon\" data-name=\"Circle\" class=\"BasicList-ListIcon BasicList-ListIcon_variant_unordered\"><\/span><\/p>\n<div class=\"BasicList-Item\" readability=\"13\">\n<p class=\"ContentParagraph ContentParagraph_align_left\" data-testid=\"content-paragraph\"><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\">Extended language support adds C, C++, Ruby, Rust and Scala to Backslash\u2019s existing language portfolio to serve diverse technology stacks and secure the entire codebase, including third party libraries and dependencies.<\/span><\/p>\n<\/div>\n<\/div>\n<\/li>\n<li>\n<div class=\"BasicList-ListItem BasicList-ListItem_variant_unordered\" readability=\"6.5\"><span data-component=\"icon\" data-name=\"Circle\" class=\"BasicList-ListIcon BasicList-ListIcon_variant_unordered\"><\/span><\/p>\n<div class=\"BasicList-Item\" readability=\"8\">\n<p class=\"ContentParagraph ContentParagraph_align_left\" data-testid=\"content-paragraph\"><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\">Role-based access controls enable enterprises to easily manage access to the Backslash platform for large and varied user bases across the organization.<\/span><\/p>\n<\/div>\n<\/div>\n<\/li>\n<\/ul>\n<\/div>\n<p class=\"ContentParagraph ContentParagraph_align_left\" data-testid=\"content-paragraph\"><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\"><span class=\"ContentText-BodyTextChunk ContentText-BodyTextChunk_bold\">Security team workflow enhancements:<\/span><\/span><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\">&nbsp;New automation policies and actions features enable Backslash users to specify security workflows and automatically create tickets and notifications with the following collaboration platforms: Jira, Monday.com, ServiceNow, Slack and Microsoft Teams.<\/span><\/p>\n<p class=\"ContentParagraph ContentParagraph_align_left\" data-testid=\"content-paragraph\"><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\"><span class=\"ContentText-BodyTextChunk ContentText-BodyTextChunk_bold\">CI\/CD integrations for DevSecOps support:<\/span><\/span><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\">&nbsp;Integrations with Gitlab Pipelines, Github Actions and Azure Pipelines enable DevOps teams to implement DevSecOps processes and prevent new issues from being introduced in the pull request and CI\/CD stages.<\/span><\/p>\n<p class=\"ContentParagraph ContentParagraph_align_left\" data-testid=\"content-paragraph\"><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\"><span class=\"ContentText-BodyTextChunk ContentText-BodyTextChunk_bold\">Reachability analysis enhancements:<\/span><\/span><\/p>\n<div data-component=\"basic-list\" class=\"BasicList BasicList_nestedLevel_0 BasicList_variant_unordered BasicList_limited\">\n<ul data-testid=\"basic-list-unordered\" class=\"BasicList-UnorderedList\">\n<li>\n<div class=\"BasicList-ListItem BasicList-ListItem_variant_unordered\" readability=\"8.5\"><span data-component=\"icon\" data-name=\"Circle\" class=\"BasicList-ListIcon BasicList-ListIcon_variant_unordered\"><\/span><\/p>\n<div class=\"BasicList-Item\" readability=\"12\">\n<p class=\"ContentParagraph ContentParagraph_align_left\" data-testid=\"content-paragraph\"><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\">Phantom packages are packages not defined or controlled by the app developer but introduced by a transitive one, escaping the developer&#8217;s control and potentially introducing vulnerable versions into the application. Backslash detects these phantom packages in OSS code, even if they are not declared in manifest files.<\/span><\/p>\n<\/div>\n<\/div>\n<\/li>\n<li>\n<div class=\"BasicList-ListItem BasicList-ListItem_variant_unordered\" readability=\"8\"><span data-component=\"icon\" data-name=\"Circle\" class=\"BasicList-ListIcon BasicList-ListIcon_variant_unordered\"><\/span><\/p>\n<div class=\"BasicList-Item\" readability=\"11\">\n<p class=\"ContentParagraph ContentParagraph_align_left\" data-testid=\"content-paragraph\"><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\">Backslash Security\u2019s reachability analysis identifies vulnerable transitive packages, helping developers understand which vulnerabilities are actually in use and therefore exploitable within their codebase, allowing them to prioritize what to fix.<\/span><\/p>\n<\/div>\n<\/div>\n<\/li>\n<li>\n<div class=\"BasicList-ListItem BasicList-ListItem_variant_unordered\" readability=\"6\"><span data-component=\"icon\" data-name=\"Circle\" class=\"BasicList-ListIcon BasicList-ListIcon_variant_unordered\"><\/span><\/p>\n<div class=\"BasicList-Item\" readability=\"7\">\n<p class=\"ContentParagraph ContentParagraph_align_left\" data-testid=\"content-paragraph\"><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\">New UI features bolster reachability evidence by showing code references for each reachable path.<\/span><\/p>\n<\/div>\n<\/div>\n<\/li>\n<\/ul>\n<\/div>\n<p class=\"ContentParagraph ContentParagraph_align_left\" data-testid=\"content-paragraph\"><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\">&#8220;Backslash enables enterprises to prioritize truly critical code risks and facilitate trust among the many teams and stakeholders within the software development lifecycle,&#8221; said Yossi Pik, co-founder and CTO of Backslash Security. &#8220;These latest enhancements automate key AppSec tasks, ensure issues are handled according to the correct priorities, and integrate smoothly into organizational workflows, all while strengthening our reachability analysis to provide enterprise security teams with incomparable results.&#8221;<\/span><\/p>\n<p class=\"ContentParagraph ContentParagraph_align_left\" data-testid=\"content-paragraph\"><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\">Start a free trial with full access to the Backslash platform via a pre-configured demo environment that includes SAST, SCA, phantom packages, VEX, SBOM, secrets, and more, now available at&nbsp;<\/span><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\"><a class=\"ContentText-BodyTextChunk ContentText-BodyTextChunk_link\" target=\"_blank\" href=\"https:\/\/www.globenewswire.com\/Tracker?data=S--vrZ94Zxn5p_j6ylKp3TjOidXvNn9o_geey0TquBxBMzcShbsJLq_t8wLZzt5b2YxiGtbJOkesURvM0YehrzN2u4Xzj74kYTFcd7NCi3Mod1r8paqiP1V3Np5Oe9Ea\" rel=\"noopener\">backslash.security\/trial<\/a><\/span><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\">.<\/span><\/p>\n<p class=\"ContentParagraph ContentParagraph_align_left\" data-testid=\"content-paragraph\"><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\"><span class=\"ContentText-BodyTextChunk ContentText-BodyTextChunk_bold\">About Backslash<\/span><\/span><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\"> <\/span><br \/><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\">Backslash&#8217;s fusion of SAST and SCA empowers enterprise AppSec teams to focus on fixing only the reachable, exploitable code vulnerabilities. By identifying authentic attack paths pointed at reachable code, Backslash empowers security teams to focus on rectifying only the code and open-source software (OSS) components that are actively in use and accessible to potential attackers. Thanks to this precision, Backslash enables teams to fix only the vulnerable code and OSS that indeed needs addressing \u2013 the reachable, exploitable components.<\/span><\/p>\n<p class=\"ContentParagraph ContentParagraph_align_left\" data-testid=\"content-paragraph\"><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\">Backed by StageOne Ventures, First Rays Venture Partners, D. E. Shaw &amp; Co., and a roster of security veterans as angel investors, Backslash has been deployed across leading technology organizations and Fortune 100 companies. Learn more at&nbsp;<\/span><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\"><a class=\"ContentText-BodyTextChunk ContentText-BodyTextChunk_link\" target=\"_blank\" href=\"https:\/\/www.globenewswire.com\/Tracker?data=11PtvcTUt81i-MV75N7XmRHZtM80NVOeBp9sZ9dx-SBHCWCUUbCrq8u7zL48eQuijz25NL__XADybKv1bkePpLFniMHn3N80ue5TWoHw6cVRQnHdQSRQfogLYi6fWryX\" rel=\"noopener\">https:\/\/www.backslash.security\/<\/a><\/span><span class=\"ContentText ContentText_variant_bodyNormal\" data-testid=\"content-text\">.<\/span><\/p>\n<p><a href=\"https:\/\/www.darkreading.com\/application-security\/backslash-unveils-enterprise-grade-capabilities-to-its-reachability-based-appsec-platform\">Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>PRESS RELEASE TEL AVIV, Israel, June 06, 2024 (GLOBE NEWSWIRE)<\/p>\n","protected":false},"author":12,"featured_media":3983,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[1],"tags":[809],"class_list":["post-3982","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-uncategorized","tag-dark-reading"],"featured_image_urls":{"full":["https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/06\/backslash-unveils-enterprise-grade-capabilities-to-its-reachability-based-appsec-platform.png?fit=3840%2C2160&ssl=1",3840,2160,false],"thumbnail":["https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/06\/backslash-unveils-enterprise-grade-capabilities-to-its-reachability-based-appsec-platform.png?resize=150%2C150&ssl=1",150,150,true],"medium":["https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/06\/backslash-unveils-enterprise-grade-capabilities-to-its-reachability-based-appsec-platform.png?fit=300%2C169&ssl=1",300,169,true],"medium_large":["https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/06\/backslash-unveils-enterprise-grade-capabilities-to-its-reachability-based-appsec-platform.png?fit=640%2C360&ssl=1",640,360,true],"large":["https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/06\/backslash-unveils-enterprise-grade-capabilities-to-its-reachability-based-appsec-platform.png?fit=640%2C360&ssl=1",640,360,true],"1536x1536":["https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/06\/backslash-unveils-enterprise-grade-capabilities-to-its-reachability-based-appsec-platform.png?fit=1536%2C864&ssl=1",1536,864,true],"2048x2048":["https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/06\/backslash-unveils-enterprise-grade-capabilities-to-its-reachability-based-appsec-platform.png?fit=2048%2C1152&ssl=1",2048,1152,true],"chromenews-featured":["https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/06\/backslash-unveils-enterprise-grade-capabilities-to-its-reachability-based-appsec-platform.png?fit=1024%2C576&ssl=1",1024,576,true],"chromenews-large":["https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/06\/backslash-unveils-enterprise-grade-capabilities-to-its-reachability-based-appsec-platform.png?resize=825%2C575&ssl=1",825,575,true],"chromenews-medium":["https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/06\/backslash-unveils-enterprise-grade-capabilities-to-its-reachability-based-appsec-platform.png?resize=590%2C410&ssl=1",590,410,true]},"author_info":{"display_name":"Dark Reading","author_link":"https:\/\/ddi.mohflo.net\/index.php\/author\/darkreading\/"},"category_info":"<a href=\"https:\/\/ddi.mohflo.net\/index.php\/category\/uncategorized\/\" rel=\"category tag\">Uncategorized<\/a>","tag_info":"Uncategorized","comment_count":"0","jetpack_featured_media_url":"https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/06\/backslash-unveils-enterprise-grade-capabilities-to-its-reachability-based-appsec-platform.png?fit=3840%2C2160&ssl=1","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts\/3982","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/users\/12"}],"replies":[{"embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/comments?post=3982"}],"version-history":[{"count":0,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts\/3982\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/media\/3983"}],"wp:attachment":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/media?parent=3982"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/categories?post=3982"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/tags?post=3982"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}