An Intellyx Brain Candy Brief
BlueFlag Security’s platform secures IDs for the software development lifecycle (SDLC), detecting and preventing SDLC-related software supply chain attacks.
Human and machine IDs expose vulnerabilities through excessive permissions, lack of auditing and control, and inability to trace responsibility for code-related breaches and incidents.
The BlueFlag platform dashboard answers questions such as: “who checked in the library with the vulnerability” or “who violated branch check-in rules.”
BlueFlag also checks and manages the ID privileges for service accounts for pipeline software products such as static code analyzers and open source vulnerability checkers.
BlueFlag reviews external dev accounts, checks for misconfigurations, and maps its findings against OWASP best practices.
The platform ingests 90 days’ worth of data to build a baseline for an ML/AI analysis to identify potential vulnerabilities and risks, displays results on a dashboard, and continuously monitors pipeline activity to raise alerts for IDs that violate policy.
Copyright © Intellyx BV. Intellyx is an industry analysis and advisory firm focused on enterprise digital transformation. Covering every angle of enterprise IT from mainframes to artificial intelligence, our broad focus across technologies allows business executives and IT professionals to connect the dots among disruptive trends. None of the organizations mentioned in this article is an Intellyx customer. No AI was used to produce this article. To be considered for a Brain Candy article, email us at pr@intellyx.com.