{"id":6136,"date":"2024-11-06T18:20:54","date_gmt":"2024-11-07T00:20:54","guid":{"rendered":"https:\/\/www.darkreading.com\/application-security\/symbiotic-code-security-tool-fix-flaws"},"modified":"2024-11-06T18:20:54","modified_gmt":"2024-11-07T00:20:54","slug":"symbiotic-security-launches-scanning-tool-to-help-fix-flaws-in-code","status":"publish","type":"post","link":"https:\/\/ddi.mohflo.net\/index.php\/2024\/11\/06\/symbiotic-security-launches-scanning-tool-to-help-fix-flaws-in-code\/","title":{"rendered":"Symbiotic Security Launches Scanning Tool to Help Fix Flaws in Code"},"content":{"rendered":"
<\/a><\/div>\n
<\/div>\n

Shift-left, or integrating security earlier in the software development lifecycle, is important in order to have more secure applications, but it is difficult to achieve. Developers need to take on some security responsibilities, but that means they need to be properly equipped with security tools that fit their workflow. In a recent Ponemon survey, 51% of IT and security practitioners said a lack of integrated security tools was a top challenge to shift-left security.<\/span><\/p>\n

This is the problem Symbiotic Security, which launched this week, is tackling with its software-as-a-service platform which integrates vulnerability detection and remediation capabilities directly into the application developer\u2019s integrated development environment. The platform also provides just-in-time training to developers so that they have the information on how to write secure code.<\/span><\/p>\n

\u201cUsing Symbiotic is like having a personal security coach right next to you as you code,\u201d says Jerome Robert, co-founder and CEO of Symbiotic Security. \u201cIt provides real-time feedback on the security mistakes you’re making, and it’s training you so you don’t repeat these mistakes.\u201d<\/span><\/p>\n

The plugin in the developer\u2019s IDE continuously scans code \u2014 as the developer types as well as the code that has already been written \u2014 and identifies potential security threats. The developer gets contextual remediation advice right in the IDE. \u201cOur security nudges are perceived as coaching,\u201d Robert says. \u201cIt\u2019s a tool that\u2019ll make them save time by not having to come back to fix old code.\u201d<\/span><\/p>\n

Developers can also access the training materials \u2014 in the form of capture-the-flag (CTF) content \u2014 to learn what the problem is and why it is a problem. They see examples of secure and vulnerable code, and are presented with a snippet of insecure code to find and fix as part of a game to help improve secure coding skills.<\/span><\/p>\n

The difference between Symbiotic Security\u2019s plugin and other code security tools is where the issues are identified, Robert says. Many of them catch mistakes after the code has been written, often during code commits or when integrated with the rest of the build. \u201cThey\u2019re not real-time,\u201d Robert says of those tools, and because of that, developers see \u201cno personal win\u201d in using them.<\/span><\/p>\n

As part of the launch Symbiotic Security also raised $3 million in seed funding from investors including Lerer Hippeau, Axeleo Capital, Factorial Capital. Symbiotic Security said its product is currently deployed at eight different companies.<\/span><\/p>\n

Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

Shift-left, or integrating security earlier in the software development lifecycle,<\/p>\n","protected":false},"author":12,"featured_media":6137,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[1],"tags":[809],"class_list":["post-6136","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-uncategorized","tag-dark-reading"],"featured_image_urls":{"full":["https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/11\/symbiotic-security-launches-scanning-tool-to-help-fix-flaws-in-code.jpg?fit=1280%2C720&ssl=1",1280,720,false],"thumbnail":["https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/11\/symbiotic-security-launches-scanning-tool-to-help-fix-flaws-in-code.jpg?resize=150%2C150&ssl=1",150,150,true],"medium":["https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/11\/symbiotic-security-launches-scanning-tool-to-help-fix-flaws-in-code.jpg?fit=300%2C169&ssl=1",300,169,true],"medium_large":["https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/11\/symbiotic-security-launches-scanning-tool-to-help-fix-flaws-in-code.jpg?fit=640%2C360&ssl=1",640,360,true],"large":["https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/11\/symbiotic-security-launches-scanning-tool-to-help-fix-flaws-in-code.jpg?fit=640%2C360&ssl=1",640,360,true],"1536x1536":["https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/11\/symbiotic-security-launches-scanning-tool-to-help-fix-flaws-in-code.jpg?fit=1280%2C720&ssl=1",1280,720,true],"2048x2048":["https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/11\/symbiotic-security-launches-scanning-tool-to-help-fix-flaws-in-code.jpg?fit=1280%2C720&ssl=1",1280,720,true],"chromenews-featured":["https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/11\/symbiotic-security-launches-scanning-tool-to-help-fix-flaws-in-code.jpg?fit=1024%2C576&ssl=1",1024,576,true],"chromenews-large":["https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/11\/symbiotic-security-launches-scanning-tool-to-help-fix-flaws-in-code.jpg?resize=825%2C575&ssl=1",825,575,true],"chromenews-medium":["https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/11\/symbiotic-security-launches-scanning-tool-to-help-fix-flaws-in-code.jpg?resize=590%2C410&ssl=1",590,410,true]},"author_info":{"display_name":"Dark Reading","author_link":"https:\/\/ddi.mohflo.net\/index.php\/author\/darkreading\/"},"category_info":"Uncategorized<\/a>","tag_info":"Uncategorized","comment_count":"0","jetpack_featured_media_url":"https:\/\/i0.wp.com\/ddi.mohflo.net\/wp-content\/uploads\/2024\/11\/symbiotic-security-launches-scanning-tool-to-help-fix-flaws-in-code.jpg?fit=1280%2C720&ssl=1","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts\/6136","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/users\/12"}],"replies":[{"embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/comments?post=6136"}],"version-history":[{"count":0,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/posts\/6136\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/media\/6137"}],"wp:attachment":[{"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/media?parent=6136"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/categories?post=6136"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/ddi.mohflo.net\/index.php\/wp-json\/wp\/v2\/tags?post=6136"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}