News

Conviso acquired Gauntlet.io

The technology developed by Gauntlet will be incorporated to the Conviso Platform, expanding the services spectrum in AppSec

Conviso proudly announces the acquisition of Gauntlet.io Security, an application security testing company, whose technology is to complement the Continuous Application Security portfolio by Conviso.

The approach for this acquisition is technical, since Gauntlet´s automated tests complement the security platform of solution, connected to the pipeline development software by Conviso, the Conviso Platform Platform, making it tangible to the Continuous Application Security concept.

The Conviso Platform proposal is to be the most complete Continuous Application Security solution in the market, orchestrating all types of analysis and recommended solution control, from software creation (threat modeling, security requirements, secure architecture), going through coding (code review, alerts in the IDE, integrated code analysis), all the way to testing release (code review, business logic testing, run-time testing) getting to the deployment and software operation (hardening of cloud / containers environment, network scans, pentest, WAF, vulnerability management) and as the delivery cycle restarts, plan actions for correction, team training and maturity gain (correction workflow, continuous learning programs, Security Champions, OWASP OpenSAMM).

The integration of Gauntlet´s technology to the Conviso Platform platform will permit to speed up solutions conveyance, increase our service spectrum and the language coverage that can be tested through SAST (Static Application Security Testing) and DAST (Dynamic Application Security Testing), as well as integrating the scanners to deliver consolidated results on identified vulnerabilities on various analysis approaches.

Now & Then

According to Wagner Elias, CEO and founder of Conviso Application Security, the acquisition represents: “… the availability of an increasingly complete and robust Continuous Application Security solution as the Conviso Platform continues to grow in terms of analytics coverage and security controls to deliver safe software delivery from the ground up without slowing down the business. Many customers report that more security controls in the development pipeline, especially in the Agile development mode or the DevOps approach, can slow down deliveries and slow down the digital transformation process.

That’s why we take great care to design, along with these clients, a platform model that allows a DevSecOps approach with fluid, efficient controls that do not compromise the agility of development teams. And Gauntlet’s technology perfectly adheres to this precept, allowing us to immediately make available to our customers some of the features that were already in our production queue. This, therefore, was a shorter route to the go-to-market”.

About future acquisitions, the CEO says:
“No doubt this is a way to grow and anticipate the release of features that make Conviso Platform even more complete. We are studying some more options that should be implemented shortly”.

Gauntlet acquisition also collaborates with Conviso’s internationalization strategy, which expands its market operations beyond our borders, since a significant portion of Gauntlet’s clients are from European companies.

For further information about the Conviso Platform development roadmap, follow the updates about the development on our portal and help with the discussions.

To keep yourself up to date and to act on the DevSecOps community, join our Conviso Slack group through this link.

Read more about Conviso Platform and Follow us on our social media…

About author

Articles

A team of professionals, highly connected on news, techniques and information about application security
Related posts
Application SecurityNews

What is SARIF and how it could revolutionize software security.

There is something happening behind the scenes in the software world that will make a difference in…
Read more
Application SecurityNews

The Amazing Electrosphere

In the daily journey of security analysts, when performing intrusion tests, some steps end up being…
Read more
Application SecurityCode FightersNews

Research: CVE-2021-43076 and the Risks Caused by Insecure Design

In the latest edition of OWASP TOP 10 Vulnerabilities 2021, some new categories were introduced in…
Read more

Deixe um comentário