SecurityBrief Australia - Technology news for CISOs & cybersecurity decision-makers
Microsoft integrates Endor Labs' solution into Defender

Thu, 21st Nov 2024

Microsoft has integrated Endor Labs' Software Composition Analysis (SCA) solution into Defender for Cloud, marking the first code-to-runtime reachability solution within a Cloud-Native Application Protection Platform (CNAPP).

The newly announced integration allows organisations to consolidate application and cloud security into a single platform. Users can secure cloud workloads and application code from a unified dashboard, affording comprehensive security coverage from code development to runtime environments.

Endor Labs' SCA solution now permits correlation of SCA findings with runtime alerts, providing visibility over code-to-runtime attack paths. This functionality enables security teams to trace vulnerabilities found in open-source software dependencies to potential threats in cloud settings, and to prioritise remediation across the software development lifecycle. It further prevents 'toxic combinations' of security risks, where a vulnerable open-source package is deployed within an internet-accessible cloud workload.

According to Varun Badhwar, CEO and co-founder of Endor Labs, "Defender for Cloud is one of the leading CNAPPs in the market by any metric. By partnering with Microsoft, we have the opportunity to provide our customers with the deepest and broadest set of code-to-runtime security capabilities, without compromising on quality."

Vlad Korsunsky, Corporate Vice President for Cloud and Enterprise Security at Microsoft, stated, "Our collaboration with Endor Labs makes Defender for Cloud the first CNAPP to provide true code-to-runtime reachability."

The integration, currently in Public Preview, introduces function-level reachability analysis to the Defender for Cloud console. It tackles the challenge of discerning which vulnerabilities, among the often significant numbers identified, are genuinely critical in context. That situation requires security teams either to engage in laborious research or to adopt unsustainable blanket approaches to vulnerability patching.

Endor Labs' natively integrated software-as-a-service solution allows seamless deployment and configuration within Defender for Cloud. It provides function-level reachability analysis for each vulnerability, whether at the build stage or in active production. Engineers can see whether vulnerabilities are part of running applications, with 'reachable' findings indicating existing attack paths from developer code to vulnerable libraries or functions. This insight improves threat identification and focuses remediation efforts according to the likelihood and impact of exploits.

By aligning application and cloud security findings, and introducing prioritised threat management strategies, this collaboration aims to streamline tools and minimise unnecessary system alerts. This enhancement offers comprehensive protection at a lower operational cost and without requiring the management of multiple distinct platforms.
