Add the BitSensor plugin to your dependency manager, such as Maven, Composer or npm. BitSensor will now instrument the libraries and frameworks in your application to collect the input, context and events that relate to security events.
We can set up a hosted BitSensor environment for you, or you can use BitSensor on premises. In the latter case you just run the Docker containers. This sets you up in under a day.
A Security Taxonomy will be created, mapping all relevant events in your application and business logic to security events. Typically we map authorization and authentication, and add all the frameworks the application is using to the Taxonomy.
After this, false positives will be scrubbed. We analyse traffic statistically to map which detections should not be triggered, and exclude only these cases. This can be as specific as a single line of code on a single IP address on a specific application.
With the BitSensor setup complete, we can now share with your analysts how BitSensor assists them in the process of finding the attacker and creating reports. While we're working with the analyst, we might as well make additional management dashboards.
With everything set up, we would like to hear your next steps in Application Security and see how BitSensor integrates with them. This is what we commonly hear you might be doing:
- Content Security Policy
- Logic Attacks
- Red Teaming Web Applications
- Penetration Testing to improve metrics
You are now compliant with 'Meldplicht Datalekken' (the legal duty to report data breaches) and GDPR with regard to attacks on your application layer. Your SoC analysts are able to respond to incidents and DevOps is secure.