Software-driven organizations that process sensitive data are increasingly exposed to the risk of data breaches. The IBM Cost of a Data Breach Reports remind us that the average cost of a data breach rose from $3.86M to $4.24M (2021) and that the chance of an organization experiencing a data breach within two years is 29.6% (2019).
Is it really surprising? On the one hand, technology companies process increasing volumes of sensitive data and are subject to more and more data regulations. On the other hand, developers ship software faster than ever, and engineering architecture becomes more complex with the increasing use of microservices and third parties. All while security teams are understaffed.
As a result, it can be hard for you—if not impossible—to keep up with the pace of engineering changes and ensure that your security policy is consistently implemented across the products that your developers build. That’s why we’ve built Bearer: to help you understand how sensitive data flows across your application environment and its associated security risks.
After automating data discovery and classification, we’re happy to release our risk detection feature, which enables you to identify risks of data breaches throughout your development lifecycle.
Shift risk assessment left
Bearer scans your code repositories continuously and triggers a risk event when:
- a repository processes new sensitive data.
- a repository processes sensitive data and integrates with a new third party.
- sensitive data is not encrypted.
Bearer provides you with contextual information so you can investigate and assess risks efficiently. Once a risk has been detected, you can ignore it, assign it to a teammate (JIRA integration coming), and close it once it has been mitigated.
Risk events can be customized to fit your needs. For each risk event, you can set the risk level and notification format, like email or Slack.
By September 2022, Bearer will detect a wider range of risks, including:
- New sensitive data stored in databases.
- Data stores processing sensitive data with public access.
- Databases storing sensitive data outside the U.S. (for HIPAA) or Europe (for GDPR).
- Unsecure database access.
- Disabled database backup.
- Missing client-side encryption.
- Missing encryption at rest.
- Missing logging for databases.
- Secret leaks.
- Dependency vulnerabilities (integrations with Snyk and GitHub).
- Data leakage in loggers.
- Unsecure HTTP/FTP/SMTP communication.
Key customer benefits
Bearer detects risks of data breaches proactively as your developers write code, so you can:
- Mitigate security risks before they reach your production environment.
- Assess risks faster and more accurately with actionable context.
- Stop slowing down development by automating security checks.
- A GitHub App to help you use Bearer with a minimum of friction.
- Integrations with GitHub and Snyk to detect vulnerabilities in your applications processing sensitive data.
- Integration with AWS to identify risks of data breaches across your entire application infrastructure.
Curious about what risks Bearer can detect by scanning your code repositories? Just get in touch and we’ll happily organize a trial.