Vendors in the security industry continue to investigate the Solorigate supply chain attack and its implications for vendors (like FireEye) and customers worldwide using the traditional kill chain approach (which brings a kind of nostalgia for when my team at Aorato - Tal Be’ery, Michael Dubinsky and I - built this chart).
We, at apiiro, think about this from a different perspective - how to identify this risky material code change and prevent it from being deployed in the first place.
Today, everyone knows that “Defenders think in lists. Attackers think in graphs. As long as this is true, attackers win” (by John Lambert). So at apiiro, we built a graph from the beginning of time across changes, developer knowledge and behavior, business impact and more. We call it the Spacetime Graph™.
We are using AI on top of the graph to enforce adaptive risk-based governance rules on vendors and internal development teams’ code bases and to identify risky material changes before they become vulnerabilities. From code to cloud.
“The discreet malicious codes inserted into the DLL called a backdoor composed of almost 4,000 lines of code that allowed the threat actor behind the attack to operate unfettered in compromised networks.”
This is a material change!
Apiiro understands the history of all user stories, bugs, features, epics, and code changes, together with the knowledge, location, and behavior of all contributors (e.g., developers, product managers, QA, security architects) relevant throughout the development process, and connects them to business risks. This is how we identify risky material changes.