Oxeye offers an application security testing (AST) platform purpose built for cloud-native application environments that scans code and containers for vulnerabilities when they are promoted to pre-prod and production environments.
We met Oxeye a couple weeks ago at KubeCon 2021, where they were just making the rounds prior to coming out of stealth today, in fact.
The firm has a unique take on AppSec, claiming a broad risk assessment view that can drill down into APIs and fuzz-test messaging traffic for remote invocation possibilities, in order to ‘shift-left’ security and reproduce the entry point or steps involved in creating potential exploits, hopefully before they can ever be seen by bad actors.
The team’s agents leverage data from open source tools like OpenTelemetry and Pixie to fetch and trace issues to their source, whether coded in Ruby, nodeJS, Python, Java or GoLang.
© 2021 Intellyx. At the time of writing, Verica is not an Intellyx customer. Want to see more BrainCandy? Subscribe today. If you are a vendor seeking coverage from Intellyx, please contact us at PR@intellyx.com.
