Application Security 2.0

Protecting Sensitive Data by Design

Reinforcing perimeter control is one thing, controlling data flow by design is quite another.

Security tools that analyze source code only check on best practices that prevent intrusion (SQL Injection, XSS). CAST does the same with much fewer false alarms, and is uniquely capable of protecting data against hackers or unhappy developers who managed to get inside the network.

The CAST Application Intelligence Platform visualizes the “as is” architecture and provides automated inspection to understand what connects to sensitive data structures. It identifies data call pathways that are safe and which are intrinsically vulnerable to attack; understands what controls are needed to prevent common attacks; and can enforce new architectural constructs to keep the most sensitive data secure

Contextual Software Analysis reduces significantly the number of spurious findings flagged by traditional code checkers, and can help find flaws that traditional application security tools can’t catch: Malicious code having forbidden access to data, lack of input validation, and back doors.

CAST for Security