Many organisations spend many thousands of dollars on security defect remediation of the software projects they create. Usually this effort is also performed late in the development life-cycle, often even after the code is considered done. This fact makes the remediation effort very costly and often too short. Because of this there are many bugs left in the software that get deployed to production.
Purpleteam strikes at the very heart of this problem. Purpleteam is a CLI and service (actually many services working together). The CLI can be run manually, but it’s sweet spot is being inserted into Development Team’s build pipelines, where it can find the security defects in your running web applications and APIs, and provide immediate and continuous notification of what and where your security defects are, along with tips on how to fix them.
The purpleteam service runs smart dynamic application security testing (DAST) against your Web applications and APIs.
With DAST, Developers are usually expected to write tests. Purpleteam removes this requirement. Developers specify what to test, purpleteam works out the “how to test”. That’s right, there are no tests to be written.
Reach out to us if you are interested in seeing how purpleteam can significantly reduce your security defects up front (as they’re being introduced), with very little work required from you as a Developer.