Redpoint Security principals and developers have worked on a proprietary tool, Surveyor, which provides full visibility into an application’s security posture by monitoring common weak spots and using your application customers to trigger reporting.
Security from Build to Browser
Surveyor works to secure your application by providing a real-time monitor for three key stages in your application’s lifecycle. That’s why we argue that Surveyor is security from build to browser. Surveyor provides coverage for teams concerned about your SDLC, your application’s runtime security, as well as sneaky attacks against your customers and their data that often don’t get discovered. Surveyor provides this security in three key ways.
- Activating a Package Monitor that alerts you to changes to packages for keystone components and libraries that your application depends on.
- By monitoring runtime application behavior. Surveyor, in the initial review of the application, creates a baseline for the application’s operations and interactions, and it reports anytime it sees a change to that baseline.
- By monitoring the application your customer sees in the browser, Surveyor can tell you if a malicious JavaScript is operating on the customer’s page, providing instant notification that credit-card skimming or magecart-style attacks may be taking place against your customers.
Redpoint testers already use Surveyor in application review because, as a browser plugin, it works to start mapping out an application’s attack surface as well as alerting on potential vulnerabilities that may exist in initial reviews. If you’d like to learn more about Surveyor, check out the Redpoint Labs site, or contact Redpoint below for more information.