The technology developed by Gauntlet will be incorporated to the AppSec Flow, expanding the services spectrum in AppSec
Conviso proudly announces the acquisition of Gauntlet.io Security, an application security testing company, whose technology is to complement the Continuous Application Security portfolio by Conviso.
The approach for this acquisition is technical, since Gauntlet´s automated tests complement the security platform of solution, connected to the pipeline development software by Conviso, the AppSec Flow Platform, making it tangible to the Continuous Application Security concept.
The AppSec Flow proposal is to be the most complete Continuous Application Security solution in the market, orchestrating all types of analysis and recommended solution control, from software creation (threat modeling, security requirements, secure architecture), going through coding (code review, alerts in the IDE, integrated code analysis), all the way to testing release (code review, business logic testing, run-time testing) getting to the deployment and software operation (hardening of cloud / containers environment, network scans, pentest, WAF, vulnerability management) and as the delivery cycle restarts, plan actions for correction, team training and maturity gain (correction workflow, continuous learning programs, Security Champions, OWASP OpenSAMM).
The integration of Gauntlet´s technology to the AppSec Flow platform will permit to speed up solutions conveyance, increase our service spectrum and the language coverage that can be tested through SAST (Static Application Security Testing) and DAST (Dynamic Application Security Testing), as well as integrating the scanners to deliver consolidated results on identified vulnerabilities on various analysis approaches.
Now & Then
According to Wagner Elias, CEO and founder of Conviso Application Security, the acquisition represents: “… the availability of an increasingly complete and robust Continuous Application Security solution as the AppSec Flow platform continues to grow in terms of analytics coverage and security controls to deliver safe software delivery from the ground up without slowing down the business. Many customers report that more security controls in the development pipeline, especially in the Agile development mode or the DevOps approach, can slow down deliveries and slow down the digital transformation process.
That’s why we take great care to design, along with these clients, a platform model that allows a DevSecOps approach with fluid, efficient controls that do not compromise the agility of development teams. And Gauntlet’s technology perfectly adheres to this precept, allowing us to immediately make available to our customers some of the features that were already in our production queue. This, therefore, was a shorter route to the go-to-market”.
About future acquisitions, the CEO says:
“No doubt this is a way to grow and anticipate the release of features that make AppSec Flow even more complete. We are studying some more options that should be implemented shortly”.
Gauntlet acquisition also collaborates with Conviso’s internationalization strategy, which expands its market operations beyond our borders, since a significant portion of Gauntlet’s clients are from European companies.
For further information about the AppSec Flow platform development roadmap, follow the updates about the development on our portal and help with the discussions.
To keep yourself up to date and to act on the DevSecOps community, join our Conviso Slack group through this link.
Read more about AppSec Flow and Follow us on our social media…