New Dazz Connections – September 2024
We’re constantly adding new integrations to help connect the dots between the development, infrastructure, and security tools you know and love to provide unparalleled visibility into your security environment for easier remediation.
Here are a few noteworthy new connections we’ve recently added.
Tenable Web App Scanning (DAST)
Dazz is now able to ingest Tenable Web App scanning results. The tool is part of the Tenable suite providing Dynamic Application Security Testing (DAST), and scans web applications to generate findings such as SQL injection, XSS, and more.
CrowdStrike Cloud Security
By connecting to CrowdStrike Falcon Cloud Security, Dazz can ingest indicators of misconfigurations (IOMs)—cloud misconfigurations and compliance issues—as well as image assessment at runtime (IAR).
HackerOne (Penetration testing)
Organizations expose a set of their assets through a bug bounty program (BBP) or vulnerability disclosure program (VDP) for hackers to attempt to hack. Dazz can now ingest HackerOne findings (used for pen testing) submitted by hackers as part of the organization’s HackerOne program to unify them alongside scanning findings.
Semgrep secrets detection
Dazz has supported ingesting both Semgrep supply chain (SCA) and Semgrep code (SAST) findings. Recently, we added the support of Semgrep secrets, enabling Dazz to ingest secrets detected by the tool. This enables customers to ingest Semgrep secrets in addition to Dazz Secret Scanning and validation.\
Qualys Web App Scanning (DAST)
Dazz can now ingest Qualys Web App scanning results generated in the Qualys suite providing Dynamic Application Security Testing (DAST). The tool scans web applications and generates findings such as SQL injection, XSS, and more.
Sonatype Nexus (Container registry)
Sonatype Nexus is an artifact repository management tool that allows users to manage their artifact versions, such as container images. Dazz now supports ingesting container images stored in Sonatype, and uses them to enrich your inventory and trace back container vulnerabilities back to their origin in code.
Check Point CloudGuard
CloudGuard is a cloud security platform that allows users to protect their cloud environment across applications, network, infrastructure and workloads. Dazz now supports ingesting cloud misconfigurations reported by the tool (CSPM) and vulnerabilities detected on cloud workloads (CWPP).
For more information or to see all Dazz connections, head here.
*** This is a Security Bloggers Network syndicated blog from The Dazz Blog blog authored by Noah Simon. Read the original post at: https://www.dazz.io/blog/new-dazz-connections-september-2024