New Relic Launches Interactive Application Security Testing
July 2023 by Marc Jacob
New Relic announced the public preview of New Relic Interactive Application Security Testing (IAST). New Relic IAST goes beyond current approaches by providing visibility and context to security findings, advanced detection accuracy with near zero false positives and proof-of-exploit, as well as guided remediation. It enables engineers, DevOps, and security teams to focus on real security risks, remediate issues faster across the application lifecycle, and ship secure code with speed and confidence. Available with Data Plus and part of the New Relic all-in-one observability platform, the public preview comes with a free 30-day trial period to bring the power of observability and security to every engineer.
The growth in DevOps has enabled teams to build and ship software faster than ever before—yet 85% of applications still contain vulnerabilities. With vulnerabilities and exposures expected to rise throughout this year to 1,900 per month, engineering and security teams must take a context-driven approach that accurately identifies, prioritizes, and verifies vulnerabilities with proof-of-exploit for faster remediation. And, current application security testing methods often rely on a reactive approach, which can result in increased costs, false positives, and missed release cycles.
New Relic IAST can help software engineers and security teams solve for these issues by providing much needed visibility and rapid detection while nearly eliminating the false positives found in other application security testing methods. It leverages the New Relic patented deterministic technique to identify and provide automated vulnerability validation with proof-of-exploit, which reduces noise and enables more effective and faster remediation.
Key features and benefits include:
• 360 visibility: View the application stack and associated relationships with context-driven insights to reduce blind spots and validate remediation efforts.
• Reduce false positives: Advanced detection accuracy, risk-based prioritization, and automated vulnerability validation ensure teams focus on real security risks.
• Proof of exploit: Find, fix, and verify exploitable vulnerabilities with dynamic assessment capabilities that pinpoint the source of vulnerabilities by simulating real-world attacks.
• Accelerate remediation: Guided remediation, guardrails and status tracking help developers avoid critical mistakes across the software development lifecycle (SDLC).
• Scale at will: Easy deployment via existing APM agent and seamless integration with CI/CD pipelines and ticketing systems prevent disruption of existing processes and workflows.
New Relic IAST comes on the heels of the general availability of New Relic Vulnerability Management, which allows enterprises to manage security vulnerabilities as an integrated part of their observability practice and open third-party data integrations.
New Relic IAST is currently available in public preview as part of the New Relic platform. To learn more, contact your New Relic account representative and get started. Existing users can activate their preview by logging into their New Relic account today. Legacy and site license accounts must migrate to consumption billing for preview access.